Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')

DATE CVE VULNERABILITY TITLE RISK
2020-05-29 CVE-2020-7653 Link Following vulnerability in Snyk Broker
All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read.
network
low complexity
synk CWE-59
6.5
2020-05-21 CVE-2020-6477 Link Following vulnerability in multiple products
Inappropriate implementation in installer in Google Chrome on OS X prior to 83.0.4103.61 allowed a local attacker to perform privilege escalation via a crafted file.
local
low complexity
google fedoraproject opensuse CWE-59
7.8
2020-05-19 CVE-2020-2024 Link Following vulnerability in Katacontainers Runtime
An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0.
local
low complexity
katacontainers CWE-59
6.5
2020-05-11 CVE-2020-5837 Link Following vulnerability in Symantec Endpoint Protection
Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege.
local
low complexity
symantec CWE-59
7.8
2020-04-29 CVE-2020-11446 Link Following vulnerability in Eset products
ESET Antivirus and Antispyware Module 1553 through 1560 allows a user with limited access rights to create hard links in some ESET directories and then force the product to write through these links into files that would normally not be writable by the user, thus achieving privilege escalation.
local
low complexity
eset CWE-59
7.8
2020-04-26 CVE-2020-12265 Link Following vulnerability in Decompress Project Decompress
The decompress package before 4.2.1 for Node.js is vulnerable to Arbitrary File Write via ../ in an archive member, when a symlink is used, because of Directory Traversal.
network
low complexity
decompress-project CWE-59
critical
9.8
2020-04-26 CVE-2020-12254 Link Following vulnerability in Avira Antivirus 1.0.2303.633
Avira Antivirus before 5.0.2003.1821 on Windows allows privilege escalation or a denial of service via abuse of a symlink.
local
low complexity
avira CWE-59
7.8
2020-04-22 CVE-2020-8831 Link Following vulnerability in multiple products
Apport creates a world writable lock file with root ownership in the world writable /var/lock/apport directory.
local
low complexity
canonical apport-project CWE-59
5.5
2020-04-21 CVE-2020-8099 Link Following vulnerability in Bitdefender Antivirus 2020 1.0.15.138
A vulnerability in the improper handling of junctions in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location.
low complexity
bitdefender CWE-59
6.2
2020-04-17 CVE-2020-10947 Link Following vulnerability in Sophos products
Mac Endpoint for Sophos Central before 9.9.6 and Mac Endpoint for Sophos Home before 2.2.6 allow Privilege Escalation.
network
low complexity
sophos CWE-59
8.8