Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-26 | CVE-2018-20990 | Link Following vulnerability in TAR Project TAR An issue was discovered in the tar crate before 0.4.16 for Rust. | 7.5 |
| 2019-08-20 | CVE-2018-1634 | Link Following vulnerability in IBM Informix Dynamic Server 12.10 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in infos.DBSERVERNAME. | 6.7 |
| 2019-08-20 | CVE-2018-1633 | Link Following vulnerability in IBM Informix Dynamic Server 12.10 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in onsrvapd. | 6.7 |
| 2019-08-20 | CVE-2018-1632 | Link Following vulnerability in IBM Informix Dynamic Server 12.10 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in .infxdirs. | 6.7 |
| 2019-08-20 | CVE-2018-1631 | Link Following vulnerability in IBM Informix Dynamic Server 12.1 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in oninit mongohash. | 6.7 |
| 2019-08-20 | CVE-2018-1630 | Link Following vulnerability in IBM Informix Dynamic Server 12.1 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in onmode. | 6.7 |
| 2019-08-06 | CVE-2019-5683 | Link Following vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the user mode video driver trace logger component. | 7.8 |
| 2019-07-30 | CVE-2019-10152 | Link Following vulnerability in multiple products A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. | 7.2 |
| 2019-07-26 | CVE-2019-13382 | Link Following vulnerability in Techsmith Snagit 2019.1.2 UploaderService in SnagIT 2019.1.2 allows elevation of privilege by placing an invalid presentation file in %PROGRAMDATA%\TechSmith\TechSmith Recorder\QueuedPresentations and then creating a symbolic link in %PROGRAMDATA%\Techsmith\TechSmith Recorder\InvalidPresentations that points to an arbitrary folder with an arbitrary file name. | 7.8 |
| 2019-07-18 | CVE-2019-11230 | Link Following vulnerability in Avast Antivirus In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. | 4.4 |