Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-23 | CVE-2019-8463 | Link Following vulnerability in Checkpoint Endpoint Security Clients E81.00 A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations. | 7.5 |
| 2019-12-23 | CVE-2019-6679 | Link Following vulnerability in F5 products On BIG-IP versions 15.0.0-15.0.1, 14.1.0.2-14.1.2.2, 14.0.0.5-14.0.1, 13.1.1.5-13.1.3.1, 12.1.4.1-12.1.5, 11.6.4-11.6.5, and 11.5.9-11.5.10, the access controls implemented by scp.whitelist and scp.blacklist are not properly enforced for paths that are symlinks. | 3.3 |
| 2019-12-20 | CVE-2019-19693 | Link Following vulnerability in Trendmicro products The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on affected installations. | 7.1 |
| 2019-12-18 | CVE-2019-8789 | Link Following vulnerability in Apple Iphone OS A validation issue existed in the handling of symlinks. | 5.5 |
| 2019-12-18 | CVE-2019-8568 | Link Following vulnerability in Apple products A validation issue existed in the handling of symlinks. | 5.5 |
| 2019-12-16 | CVE-2019-10773 | Link Following vulnerability in Yarnpkg Yarn In Yarn before 1.21.1, the package install functionality can be abused to generate arbitrary symlinks on the host filesystem by using specially crafted "bin" keys. | 7.8 |
| 2019-12-11 | CVE-2019-18232 | Link Following vulnerability in Gemalto Sentinel LDK License Manager SafeNet Sentinel LDK License Manager, all versions prior to 7.101(only Microsoft Windows versions are affected) is vulnerable when configured as a service. | 7.8 |
| 2019-12-10 | CVE-2019-1483 | Link Following vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. | 7.8 |
| 2019-12-10 | CVE-2013-4184 | Link Following vulnerability in multiple products Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks | 5.5 |
| 2019-12-05 | CVE-2019-7183 | Link Following vulnerability in Qnap QTS This improper link resolution vulnerability allows remote attackers to access system files. | 9.8 |