Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-14 | CVE-2020-0616 | Link Following vulnerability in Microsoft products A denial of service vulnerability exists when Windows improperly handles hard links, aka 'Microsoft Windows Denial of Service Vulnerability'. | 5.5 |
| 2020-01-14 | CVE-2015-3147 | Link Following vulnerability in Redhat products daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports from /var/spool/abrt-upload, allows local users to write to arbitrary files or possibly have other unspecified impact via a symlink attack on (1) /var/spool/abrt or (2) /var/tmp/abrt. | 6.5 |
| 2020-01-14 | CVE-2015-1869 | Link Following vulnerability in Redhat Automatic BUG Reporting Tool The default event handling scripts in Automatic Bug Reporting Tool (ABRT) allow local users to gain privileges as demonstrated by a symlink attack on a var_log_messages file. | 7.8 |
| 2019-12-27 | CVE-2019-16896 | Link Following vulnerability in K7Computing K7 Ultimate Security 16.0.0117 In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link attack with file restoration functionality. | 7.8 |
| 2019-12-24 | CVE-2019-19695 | Link Following vulnerability in Trendmicro Antivirus 9.0/9.0.1379 A privilege escalation vulnerability in Trend Micro Antivirus for Mac 2019 (v9.0.1379 and below) could potentially allow an attacker to create a symbolic link to a target file and modify it. | 7.5 |
| 2019-12-23 | CVE-2019-8463 | Link Following vulnerability in Checkpoint Endpoint Security Clients E81.00 A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations. | 7.5 |
| 2019-12-23 | CVE-2019-6679 | Link Following vulnerability in F5 products On BIG-IP versions 15.0.0-15.0.1, 14.1.0.2-14.1.2.2, 14.0.0.5-14.0.1, 13.1.1.5-13.1.3.1, 12.1.4.1-12.1.5, 11.6.4-11.6.5, and 11.5.9-11.5.10, the access controls implemented by scp.whitelist and scp.blacklist are not properly enforced for paths that are symlinks. | 3.3 |
| 2019-12-20 | CVE-2019-19693 | Link Following vulnerability in Trendmicro products The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on affected installations. | 7.1 |
| 2019-12-18 | CVE-2019-8789 | Link Following vulnerability in Apple Iphone OS A validation issue existed in the handling of symlinks. | 5.5 |
| 2019-12-18 | CVE-2019-8568 | Link Following vulnerability in Apple products A validation issue existed in the handling of symlinks. | 5.5 |