Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-12 | CVE-2021-32555 | Link Following vulnerability in Canonical Ubuntu Linux It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. | 5.5 |
| 2021-06-12 | CVE-2021-32557 | Link Following vulnerability in Canonical Apport It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks. | 7.1 |
| 2021-06-10 | CVE-2021-31997 | Link Following vulnerability in Opensuse Python-Postorius 1.3.2Lp152.1.2 A UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2, Factory allows local attackers to escalate from users postorius or postorius-admin to root. | 7.8 |
| 2021-06-09 | CVE-2021-0094 | Link Following vulnerability in Intel Driver & Support Assistant Improper link resolution before file access in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access. | 7.8 |
| 2021-05-26 | CVE-2020-15076 | Link Following vulnerability in Openvpn Private Tunnel Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp. | 7.8 |
| 2021-05-25 | CVE-2020-9452 | Link Following vulnerability in Acronis True Image 2020 24.5.22510 An issue was discovered in Acronis True Image 2020 24.5.22510. | 7.8 |
| 2021-05-14 | CVE-2020-27833 | Link Following vulnerability in Redhat Openshift Container Platform A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file write is achieved by using a specially crafted raw container image (.tar file) which contains symbolic links. | 7.1 |
| 2021-05-12 | CVE-2021-23872 | Link Following vulnerability in Mcafee Total Protection Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by manipulating a symbolic link in the IOCTL interface. | 7.8 |
| 2021-05-11 | CVE-2021-31187 | Link Following vulnerability in Microsoft Windows 10 Windows WalletService Elevation of Privilege Vulnerability | 7.8 |
| 2021-05-06 | CVE-2020-28007 | Link Following vulnerability in Exim Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. | 7.8 |