Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-28 | CVE-2012-6114 | Link Following vulnerability in Git-Extras Project Git-Extras 1.7.0 The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort. | 5.5 |
| 2020-01-24 | CVE-2019-3699 | Link Following vulnerability in Privoxy UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of privoxy on openSUSE Leap 15.1, Factory allows local attackers to escalate from user privoxy to root. | 7.8 |
| 2020-01-24 | CVE-2019-3697 | Link Following vulnerability in multiple products UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. | 7.8 |
| 2020-01-24 | CVE-2019-3694 | Link Following vulnerability in multiple products A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. | 7.8 |
| 2020-01-24 | CVE-2019-3693 | Link Following vulnerability in multiple products A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root. | 7.8 |
| 2020-01-24 | CVE-2019-3692 | Link Following vulnerability in multiple products The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. | 7.8 |
| 2020-01-23 | CVE-2019-3691 | Link Following vulnerability in Opensuse Munge A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE Linux Enterprise Server 15; openSUSE Factory allowed local attackers to escalate privileges from user munge to root. | 7.8 |
| 2020-01-23 | CVE-2019-18898 | Link Following vulnerability in multiple products UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root. | 7.8 |
| 2020-01-21 | CVE-2020-7040 | Link Following vulnerability in multiple products storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. | 8.1 |
| 2020-01-21 | CVE-2019-18932 | Link Following vulnerability in multiple products log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation. | 7.0 |