Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-18 | CVE-2008-7273 | Link Following vulnerability in Getfiregpg Iceweasel-Firegpg A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling. | 7.8 |
| 2019-11-14 | CVE-2011-1136 | Link Following vulnerability in multiple products In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file. | 4.7 |
| 2019-11-13 | CVE-2010-4817 | Link Following vulnerability in multiple products pithos before 0.3.5 allows overwrite of arbitrary files via symlinks. | 5.5 |
| 2019-11-13 | CVE-2019-18837 | Link Following vulnerability in multiple products An issue was discovered in crun before 0.10.5. | 8.6 |
| 2019-11-13 | CVE-2013-4655 | Link Following vulnerability in Belkin N900 Firmware Symlink Traversal vulnerability in Belkin N900 due to misconfiguration in the SMB service. | 7.5 |
| 2019-11-12 | CVE-2010-3095 | Link Following vulnerability in Mailscanner mailscanner before 4.79.11-2.1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files. | 4.7 |
| 2019-11-12 | CVE-2019-1425 | Link Following vulnerability in Microsoft Visual Studio 2017 and Visual Studio 2019 An elevation of privilege vulnerability exists when Visual Studio fails to properly validate hardlinks while extracting archived files, aka 'Visual Studio Elevation of Privilege Vulnerability'. | 6.5 |
| 2019-11-12 | CVE-2019-1423 | Link Following vulnerability in Microsoft Windows 10 1903 An elevation of privilege vulnerability exists in the way that the StartTileData.dll handles file creation in protected locations, aka 'Windows Elevation of Privilege Vulnerability'. | 7.8 |
| 2019-11-12 | CVE-2019-1422 | Link Following vulnerability in Microsoft products An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite, aka 'Windows Elevation of Privilege Vulnerability'. | 7.8 |
| 2019-11-12 | CVE-2019-1385 | Link Following vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'. | 7.8 |