Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-30 | CVE-2020-15401 | Link Following vulnerability in Iobit Malware Fighter 8.0.2.547 IOBit Malware Fighter Pro 8.0.2.547 allows local users to gain privileges for file deletion by manipulating malicious flagged file locations with an NTFS junction and an Object Manager symbolic link. | 4.4 |
| 2020-06-22 | CVE-2020-14990 | Link Following vulnerability in Iobit Advanced Systemcare 13.5.0.263 IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges for file deletion by manipulating the Clean & Optimize feature with an NTFS junction and an Object Manager symbolic link. | 7.1 |
| 2020-06-12 | CVE-2020-14004 | Link Following vulnerability in multiple products An issue was discovered in Icinga2 before v2.12.0-rc1. | 7.8 |
| 2020-06-10 | CVE-2020-2026 | Link Following vulnerability in multiple products A malicious guest compromised before a container creation (e.g. | 8.8 |
| 2020-06-05 | CVE-2020-8103 | Link Following vulnerability in Bitdefender Antivirus 2020 1.0.15.138/1.0.17/1.0.17.169 A vulnerability in the improper handling of symbolic links in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. | 7.1 |
| 2020-06-04 | CVE-2020-13833 | Link Following vulnerability in Google Android An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. | 9.1 |
| 2020-06-03 | CVE-2020-3237 | Link Following vulnerability in Cisco IOX A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. | 6.3 |
| 2020-06-03 | CVE-2020-3223 | Link Following vulnerability in Cisco IOS XE A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker with administrative privileges to read arbitrary files on the underlying filesystem of the device. | 4.9 |
| 2020-05-29 | CVE-2020-7653 | Link Following vulnerability in Synk Broker All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. | 6.5 |
| 2020-05-21 | CVE-2020-6477 | Link Following vulnerability in multiple products Inappropriate implementation in installer in Google Chrome on OS X prior to 83.0.4103.61 allowed a local attacker to perform privilege escalation via a crafted file. | 7.8 |