Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-19 | CVE-2020-25989 | Link Following vulnerability in Pritunl Pritunl-Client-Electron Privilege escalation via arbitrary file write in pritunl electron client 1.0.1116.6 through v1.2.2550.20. | 7.8 |
| 2020-11-18 | CVE-2020-27697 | Link Following vulnerability in Trendmicro products Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a non-protected location with high privileges (symlink attack) which can lead to obtaining administrative privileges during the installation of the product. | 7.8 |
| 2020-11-10 | CVE-2020-23968 | Link Following vulnerability in Ilex International Sign&Go 7.1 Ilex International Sign&go Workstation Security Suite 7.1 allows elevation of privileges via a symlink attack on ProgramData\Ilex\S&G\Logs\000-sngWSService1.log. | 7.8 |
| 2020-11-06 | CVE-2020-5795 | Link Following vulnerability in Tp-Link Archer A7 Firmware 200721 UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200721 allows an authenticated admin user, with physical access and network access, to execute arbitrary code after plugging a crafted USB drive into the router. | 6.2 |
| 2020-11-03 | CVE-2020-16007 | Link Following vulnerability in multiple products Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem. | 7.8 |
| 2020-10-27 | CVE-2018-21269 | Link Following vulnerability in Openrc Project Openrc checkpath in OpenRC through 0.42.1 might allow local users to take ownership of arbitrary files because a non-terminal path component can be a symlink. | 5.5 |
| 2020-10-26 | CVE-2017-18925 | Link Following vulnerability in Openr Opentmpfiles opentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d entries are mishandled and allow a symlink attack. | 5.5 |
| 2020-10-22 | CVE-2020-9901 | Link Following vulnerability in Apple products An issue existed within the path validation logic for symlinks. | 7.8 |
| 2020-10-22 | CVE-2020-9900 | Link Following vulnerability in Apple products An issue existed within the path validation logic for symlinks. | 7.8 |
| 2020-10-02 | CVE-2020-25776 | Link Following vulnerability in Trendmicro Antivirus 2019/2020 Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a symbolic link privilege escalation attack where an attacker could exploit a critical file on the system to escalate their privileges. | 7.8 |