Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-29 | CVE-2011-1408 | Link Following vulnerability in multiple products ikiwiki before 3.20110608 allows remote attackers to hijack root's tty and run symlink attacks. | 8.2 |
| 2019-10-29 | CVE-2012-2945 | Link Following vulnerability in Apache Hadoop 1.0.3 Hadoop 1.0.3 contains a symlink vulnerability. | 7.5 |
| 2019-10-28 | CVE-2019-18466 | Link Following vulnerability in Libpod Project Libpod An issue was discovered in Podman in libpod before 1.6.0. | 5.5 |
| 2019-10-17 | CVE-2019-15627 | Link Following vulnerability in Trendmicro Deep Security 10.0/11.0/12.0 Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. | 7.1 |
| 2019-10-10 | CVE-2019-1339 | Link Following vulnerability in Microsoft products An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. | 7.8 |
| 2019-10-10 | CVE-2019-1317 | Link Following vulnerability in Microsoft products A denial of service vulnerability exists when Windows improperly handles hard links, aka 'Microsoft Windows Denial of Service Vulnerability'. | 7.3 |
| 2019-10-10 | CVE-2019-1315 | Link Following vulnerability in Microsoft products An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. | 7.8 |
| 2019-09-25 | CVE-2019-12672 | Link Following vulnerability in Cisco IOS 16.9.1 A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker with physical access to an affected device to execute arbitrary code on the underlying operating system (OS) with root privileges. | 6.8 |
| 2019-09-11 | CVE-2019-1280 | Link Following vulnerability in Microsoft products A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'. | 7.8 |
| 2019-09-11 | CVE-2019-1270 | Link Following vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows store installer where WindowsApps directory is vulnerable to symbolic link attack, aka 'Microsoft Windows Store Installer Elevation of Privilege Vulnerability'. | 5.5 |