Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-10 | CVE-2024-36306 | Link Following vulnerability in Trendmicro Apex ONE A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 5.5 |
| 2024-06-10 | CVE-2024-27885 | Link Following vulnerability in Apple Macos This issue was addressed with improved validation of symlinks. | 6.3 |
| 2024-06-10 | CVE-2024-5102 | Link Following vulnerability in Avast Antivirus A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow user to elevate privilege to delete arbitrary files or run processes as NT AUTHORITY\SYSTEM. The vulnerability exists within the "Repair" (settings -> troubleshooting -> repair) feature, which attempts to delete a file in the current user's AppData directory as NT AUTHORITY\SYSTEM. | 7.0 |
| 2024-05-14 | CVE-2024-32002 | Link Following vulnerability in GIT Git is a revision control system. | 9.0 |
| 2024-05-03 | CVE-2023-34283 | Link Following vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability. | 4.6 |
| 2024-03-28 | CVE-2024-25952 | Link Following vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. | 6.0 |
| 2024-03-28 | CVE-2024-25953 | Link Following vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. | 6.0 |
| 2024-03-08 | CVE-2024-23285 | Link Following vulnerability in Apple Macos This issue was addressed with improved handling of symlinks. | 5.5 |
| 2024-02-21 | CVE-2023-42942 | Link Following vulnerability in Apple products This issue was addressed with improved handling of symlinks. | 7.8 |
| 2024-02-06 | CVE-2023-32454 | Link Following vulnerability in Dell Update Package Framework 3.8.3.67/4.9.4.36 DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. | 7.1 |