Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-29 | CVE-2024-7251 | Link Following vulnerability in Comodo Internet Security 12.2.4.8032 Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. | 7.8 |
2024-07-29 | CVE-2024-7252 | Link Following vulnerability in Comodo Internet Security 12.2.4.8032 Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. | 7.8 |
2024-07-25 | CVE-2024-29069 | Link Following vulnerability in Canonical Snapd In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. | 7.3 |
2024-06-20 | CVE-2024-6147 | Link Following vulnerability in HP Poly Plantronics HUB 3.24.2 Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability. | 7.8 |
2024-06-10 | CVE-2024-36305 | Link Following vulnerability in Trendmicro Apex ONE A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 |
2024-06-10 | CVE-2024-36306 | Link Following vulnerability in Trendmicro Apex ONE A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 5.5 |
2024-06-10 | CVE-2024-27885 | Link Following vulnerability in Apple Macos This issue was addressed with improved validation of symlinks. | 6.3 |
2024-06-10 | CVE-2024-5102 | Link Following vulnerability in Avast Antivirus A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow user to elevate privilege to delete arbitrary files or run processes as NT AUTHORITY\SYSTEM. The vulnerability exists within the "Repair" (settings -> troubleshooting -> repair) feature, which attempts to delete a file in the current user's AppData directory as NT AUTHORITY\SYSTEM. | 7.0 |
2024-05-14 | CVE-2024-32002 | Link Following vulnerability in GIT Git is a revision control system. | 9.0 |
2024-03-08 | CVE-2024-23285 | Link Following vulnerability in Apple Macos This issue was addressed with improved handling of symlinks. | 5.5 |