Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-21 | CVE-2024-5928 | Link Following vulnerability in Vipre Advanced Security 12.0.1.214 VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability. | 7.8 |
| 2024-07-29 | CVE-2024-7249 | Link Following vulnerability in Comodo Firewall 12.2.2.8012 Comodo Firewall Link Following Local Privilege Escalation Vulnerability. | 7.8 |
| 2024-07-29 | CVE-2024-7250 | Link Following vulnerability in Comodo Internet Security 12.2.4.8032 Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. | 7.8 |
| 2024-07-29 | CVE-2024-7251 | Link Following vulnerability in Comodo Internet Security 12.2.4.8032 Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. | 7.8 |
| 2024-07-29 | CVE-2024-7252 | Link Following vulnerability in Comodo Internet Security 12.2.4.8032 Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. | 7.8 |
| 2024-07-25 | CVE-2024-29069 | Link Following vulnerability in Canonical Snapd In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. | 7.3 |
| 2024-06-20 | CVE-2024-6147 | Link Following vulnerability in HP Poly Plantronics HUB 3.24.2 Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability. | 7.8 |
| 2024-06-10 | CVE-2024-36305 | Link Following vulnerability in Trendmicro Apex ONE A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 |
| 2024-06-10 | CVE-2024-36306 | Link Following vulnerability in Trendmicro Apex ONE A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 5.5 |
| 2024-06-10 | CVE-2024-27885 | Link Following vulnerability in Apple Macos This issue was addressed with improved validation of symlinks. | 6.3 |