Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-12 | CVE-2024-5742 | Link Following vulnerability in multiple products A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. | 6.7 |
| 2024-06-11 | CVE-2024-30104 | Link Following vulnerability in Microsoft 365 Apps and Office Microsoft Office Remote Code Execution Vulnerability | 7.8 |
| 2024-06-11 | CVE-2024-35253 | Link Following vulnerability in Microsoft Azure File Sync Microsoft Azure File Sync Elevation of Privilege Vulnerability | 4.4 |
| 2024-06-11 | CVE-2024-35254 | Link Following vulnerability in Microsoft Azure Monitor Agent Azure Monitor Agent Elevation of Privilege Vulnerability | 7.1 |
| 2024-06-11 | CVE-2024-30093 | Link Following vulnerability in Microsoft products Windows Storage Elevation of Privilege Vulnerability | 7.3 |
| 2024-06-10 | CVE-2024-36305 | Link Following vulnerability in Trendmicro Apex ONE A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 |
| 2024-06-10 | CVE-2024-36306 | Link Following vulnerability in Trendmicro Apex ONE A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 5.5 |
| 2024-06-10 | CVE-2024-27885 | Link Following vulnerability in Apple Macos This issue was addressed with improved validation of symlinks. | 6.3 |
| 2024-06-10 | CVE-2024-5102 | Link Following vulnerability in Avast Antivirus A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow user to elevate privilege to delete arbitrary files or run processes as NT AUTHORITY\SYSTEM. The vulnerability exists within the "Repair" (settings -> troubleshooting -> repair) feature, which attempts to delete a file in the current user's AppData directory as NT AUTHORITY\SYSTEM. | 7.0 |
| 2024-05-14 | CVE-2024-32002 | Link Following vulnerability in GIT Git is a revision control system. | 9.0 |