570 matches found
PT-2024-14933 · Hypr · Hypr Workforce Access
Name of the Vulnerable Software and Affected Versions: HYPR Workforce Access versions prior to 8.7 Description: The issue is related to an Improper Link Resolution Before File Access, also known as 'Link Following', which allows User-Controlled Filename. This affects HYPR Workforce Access on MacO...
PT-2024-14932 · Hypr · Hypr Workforce Access
Name of the Vulnerable Software and Affected Versions: HYPR Workforce Access versions prior to 8.7 Description: The issue is related to an Improper Link Resolution Before File Access, also known as 'Link Following', which allows user-controlled filename. This can potentially lead to unauthorized...
CVE-2023-51654
Improper link resolution before file access ('Link Following') issue exists in iPrint&Scan Desktop for Windows versions 11.0.0 and earlier. A symlink attack by a malicious user may cause a Denial-of-service (DoS) condition on the PC...
Input validation
Improper link resolution before file access ('Link Following') issue exists in iPrint&Scan Desktop for Windows versions 11.0.0 and earlier. A symlink attack by a malicious user may cause a Denial-of-service (DoS) condition on the PC...
Brother iPrint&Scan Desktop for Windows vulnerable to improper link resolution before file access
Overview iPrint Desktop for Windows provided by Brother Industries, Ltd. outputs logs to a certain log file. The affected version of the product does not check whether the log file is a normal file or a symbolic link to a certain file (CWE-59). Chris Au reported this vulnerability to Brother...
Improper Link Resolution Before File Access (Leaky Vessels)
Overview Affected versions of this package are vulnerable to Improper Link Resolution Before File Access (Leaky Vessels) allowing arbitrary file deletion on the host system. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for th...
Medium: libarchive
Issue Overview: An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extra...
Amazon Linux 2 : libarchive (ALAS-2023-2374)
The version of libarchive installed on the remote host is prior to 3.1.2-14. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2374 advisory. An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists,...
PT-2023-9184 · Trend Micro · Trend Micro Apex One As A Service +1
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One affected versions not specified Trend Micro Apex One as a Service affected versions not specified Description: A security issue in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose...
SUSE CVE-2023-6069
Improper Link Resolution Before File Access in GitHub repository froxlor/froxlor prior to 2.1.0...
CVE-2023-6069
Improper Link Resolution Before File Access in GitHub repository froxlor/froxlor prior to 2.1.0...
Input validation
Improper Link Resolution Before File Access in GitHub repository froxlor/froxlor prior to 2.1.0...
CVE-2023-6069 Improper Link Resolution Before File Access in froxlor/froxlor
Improper Link Resolution Before File Access in GitHub repository froxlor/froxlor prior to 2.1.0...
Rocky Linux 8 : libarchive (RLSA-2022:0892)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0892 advisory. - An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker m...
PT-2023-9183 · Trend Micro · Trend Micro Apex One +1
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One affected versions not specified Trend Micro Apex One as a Service affected versions not specified Description: A link following issue in the Damage Cleanup Engine of Trend Micro Apex One and Apex One as a Service could...
openSUSE 15 Security Update : postfix (SUSE-SU-2023:3791-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:3791-1 advisory. - An Improper Link Resolution Before File Access 'Link Following' vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterpri...
SUSE SLES12 Security Update : postfix (SUSE-SU-2023:3732-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3732-1 advisory. - An Improper Link Resolution Before File Access 'Link Following' vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SU...
CVE-2023-32182
An Improper Link Resolution Before File Access 'Link Following' vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix. This issue affects SUSE Linux Enterprise Desktop 15 SP5: before...
Input validation
An Improper Link Resolution Before File Access 'Link Following' vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix. This issue affects SUSE Linux Enterprise Desktop 15 SP5: before...
CVE-2023-32182
CVE-2023-32182 describes an improper Link Resolution Before File Access in postfix used by SUSE/OpenSUSE packages (SUSE SLED15/SLES15 SP5 and openSUSE Leap 15.5). The root cause is a link-following issue in the related config_postfix handling that could involve potentially unsafe /tmp usage. Affe...