Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-01 | CVE-2018-10897 | Link Following vulnerability in multiple products A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. | 8.1 |
| 2018-08-01 | CVE-2016-8641 | Link Following vulnerability in Nagios A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when creating necessary files and insecurely changing the ownership afterwards. | 7.8 |
| 2018-07-27 | CVE-2017-15097 | Link Following vulnerability in Redhat products Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. | 6.7 |
| 2018-07-27 | CVE-2016-9595 | Link Following vulnerability in multiple products A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. | 5.5 |
| 2018-07-24 | CVE-2018-14335 | Link Following vulnerability in H2Database H2 1.4.197 An issue was discovered in H2 1.4.197. | 6.5 |
| 2018-07-20 | CVE-2014-4150 | Link Following vulnerability in S48 Scheme48 The scheme48-send-definition function in cmuscheme48.el in Scheme 48 allows local users to write to arbitrary files via a symlink attack on /tmp/s48lose.tmp. | 5.5 |
| 2018-07-19 | CVE-2014-0243 | Link Following vulnerability in Check MK Project Check MK Check_MK through 1.2.5i2p1 allows local users to read arbitrary files via a symlink attack to a file in /var/lib/check_mk_agent/job. | 5.5 |
| 2018-07-17 | CVE-2018-14329 | Link Following vulnerability in Htslib 1.8 In HTSlib 1.8, a race condition in cram/cram_io.c might allow local users to overwrite arbitrary files via a symlink attack. | 4.7 |
| 2018-07-03 | CVE-2018-11637 | Link Following vulnerability in Dialogic Powermedia XMS 3.5 Information leakage vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to read arbitrary files from the /var/ directory because a symlink exists under the web root. | 7.5 |
| 2018-07-02 | CVE-2018-13054 | Link Following vulnerability in multiple products An issue was discovered in Cinnamon 1.9.2 through 3.8.6. | 8.1 |