Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-13 | CVE-2023-23697 | Link Following vulnerability in Dell Command | Intel Vpro OUT of Band Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. | 3.3 |
| 2023-02-13 | CVE-2023-24572 | Link Following vulnerability in Dell Command | Integration Suite for System Center 6.2.0 Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary folder delete vulnerability during uninstallation. | 3.3 |
| 2023-02-12 | CVE-2022-42292 | Link Following vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience contains a vulnerability in the NVContainer component, where a user without administrator privileges can create a symbolic link to a file that requires elevated privileges to write to or modify, which may lead to denial of service, escalation of privilege or limited data tampering. | 7.8 |
| 2023-02-09 | CVE-2023-25168 | Link Following vulnerability in Pterodactyl Wings Wings is Pterodactyl's server control plane. | 8.2 |
| 2023-02-08 | CVE-2023-25152 | Link Following vulnerability in Pterodactyl Wings Wings is Pterodactyl's server control plane. | 8.8 |
| 2023-02-07 | CVE-2022-42291 | Link Following vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience contains a vulnerability in the installer, where a user installing the NVIDIA GeForce Experience software may inadvertently delete data from a linked location, which may lead to data tampering. | 5.5 |
| 2023-01-17 | CVE-2022-45440 | Link Following vulnerability in Zyxel Ax7501-B0 Firmware 5.17(Abpc.1)C0 A vulnerability exists in the FTP server of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0, which processes symbolic links on external storage media. | 4.4 |
| 2023-01-12 | CVE-2022-3592 | Link Following vulnerability in multiple products A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path. | 6.5 |
| 2023-01-10 | CVE-2022-38482 | Link Following vulnerability in Mega Hopex 15.2.0.6110 A link-manipulation issue was discovered in Mega HOPEX 15.2.0.6110 before V5CP4. | 4.3 |
| 2023-01-03 | CVE-2022-36943 | Link Following vulnerability in Ssziparchive Project Ssziparchive SSZipArchive versions 2.5.3 and older contain an arbitrary file write vulnerability due to lack of sanitization on paths which are symlinks. | 8.1 |