Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-21 | CVE-2023-42942 | Link Following vulnerability in Apple products This issue was addressed with improved handling of symlinks. | 7.8 |
2024-02-06 | CVE-2023-32454 | Link Following vulnerability in Dell Update Package Framework 3.8.3.67/4.9.4.36 DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. | 7.1 |
2024-02-06 | CVE-2023-32474 | Link Following vulnerability in Dell Display Manager 2.0.0/2.1.0/2.1.1 Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. | 6.6 |
2024-02-05 | CVE-2023-52138 | Link Following vulnerability in Mate-Desktop Engrampa Engrampa is an archive manager for the MATE environment. | 9.6 |
2024-01-23 | CVE-2023-47192 | Link Following vulnerability in Trendmicro Apex ONE 2019 An agent link vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 |
2024-01-23 | CVE-2023-52090 | Link Following vulnerability in Trendmicro Apex ONE A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 |
2024-01-23 | CVE-2023-52091 | Link Following vulnerability in Trendmicro Apex ONE An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 |
2024-01-23 | CVE-2023-52092 | Link Following vulnerability in Trendmicro Apex ONE A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 |
2024-01-23 | CVE-2023-52094 | Link Following vulnerability in Trendmicro Apex ONE An updater link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to abuse the updater to delete an arbitrary folder, leading for a local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 |
2024-01-23 | CVE-2023-52338 | Link Following vulnerability in Trendmicro Deep Security and Deep Security Agent A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 |