Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')

DATE CVE VULNERABILITY TITLE RISK
2024-08-21 CVE-2024-5928 Link Following vulnerability in Vipre Advanced Security 12.0.1.214
VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability.
local
low complexity
vipre CWE-59
7.8
2024-07-29 CVE-2024-7249 Link Following vulnerability in Comodo Firewall 12.2.2.8012
Comodo Firewall Link Following Local Privilege Escalation Vulnerability.
local
low complexity
comodo CWE-59
7.8
2024-07-29 CVE-2024-7250 Link Following vulnerability in Comodo Internet Security 12.2.4.8032
Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability.
local
low complexity
comodo CWE-59
7.8
2024-07-29 CVE-2024-7251 Link Following vulnerability in Comodo Internet Security 12.2.4.8032
Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability.
local
low complexity
comodo CWE-59
7.8
2024-07-29 CVE-2024-7252 Link Following vulnerability in Comodo Internet Security 12.2.4.8032
Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability.
local
low complexity
comodo CWE-59
7.8
2024-07-25 CVE-2024-29069 Link Following vulnerability in Canonical Snapd
In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap.
local
low complexity
canonical CWE-59
7.3
2024-06-20 CVE-2024-6147 Link Following vulnerability in HP Poly Plantronics HUB 3.24.2
Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability.
local
low complexity
hp CWE-59
7.8
2024-06-10 CVE-2024-36305 Link Following vulnerability in Trendmicro Apex ONE
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
local
low complexity
trendmicro CWE-59
7.8
2024-06-10 CVE-2024-36306 Link Following vulnerability in Trendmicro Apex ONE
A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
local
low complexity
trendmicro CWE-59
5.5
2024-06-10 CVE-2024-27885 Link Following vulnerability in Apple Macos
This issue was addressed with improved validation of symlinks.
local
low complexity
apple CWE-59
6.3