Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-09 | CVE-2021-0094 | Link Following vulnerability in Intel Driver & Support Assistant Improper link resolution before file access in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access. | 7.8 |
| 2021-05-26 | CVE-2020-15076 | Link Following vulnerability in Openvpn Private Tunnel Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp. | 7.8 |
| 2021-05-25 | CVE-2020-9452 | Link Following vulnerability in Acronis True Image 2020 24.5.22510 An issue was discovered in Acronis True Image 2020 24.5.22510. | 7.8 |
| 2021-05-14 | CVE-2020-27833 | Link Following vulnerability in Redhat Openshift Container Platform A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file write is achieved by using a specially crafted raw container image (.tar file) which contains symbolic links. | 7.1 |
| 2021-05-12 | CVE-2021-23872 | Link Following vulnerability in Mcafee Total Protection Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by manipulating a symbolic link in the IOCTL interface. | 7.8 |
| 2021-05-06 | CVE-2020-28007 | Link Following vulnerability in Exim Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. | 7.8 |
| 2021-04-26 | CVE-2021-27851 | Link Following vulnerability in GNU Guix A security vulnerability that can lead to local privilege escalation has been found in ’guix-daemon’. | 5.5 |
| 2021-04-08 | CVE-2021-30463 | Link Following vulnerability in Vestacp Control Panel VestaCP through 0.9.8-24 allows attackers to gain privileges by creating symlinks to files for which they lack permissions. | 7.8 |
| 2021-04-07 | CVE-2020-36314 | Link Following vulnerability in multiple products fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. | 3.9 |
| 2021-04-01 | CVE-2021-28163 | Link Following vulnerability in multiple products In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that might be in that directory. | 2.7 |