Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dropbox vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2022-26181
Dropbox Lepton v1.2.1-185-g2a08b77 exists to contain a heap-buffer-overflow in the function aligned_dealloc():src/lepton/bitops.cc:108.
Dropbox Lepton 1.2.1
4.3
CVSSv2
CVE-2018-20820
read_ujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows malicious users to cause a denial-of-service (application runtime crash because of an integer overflow) via a crafted file.
Dropbox Lepton 1.2.1
4.3
CVSSv2
CVE-2017-7448
The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a malformed JPEG image.
Dropbox Lepton 1.2.1
4.3
CVSSv2
CVE-2018-12108
An issue exists in Dropbox Lepton 1.2.1. The validateAndCompress function in validation.cc allows remote malicious users to cause a denial of service (SIGFPE and application crash) via a malformed file.
Dropbox Lepton 1.2.1
NA
CVE-2023-4488
The Dropbox Folder Share for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.9.7 via the editor-view.php file. This allows unauthenticated malicious users to include and execute arbitrary files on the server, allowing the execution of any PHP c...
Hynotech Dropbox Folder Share
NA
CVE-2023-3025
The Dropbox Folder Share plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.9.7 via the 'link' parameter. This can allow unauthenticated malicious users to make web requests to arbitrary locations originating from the w...
Hynotech Dropbox Folder Share
7.5
CVSSv2
CVE-2007-0974
Multiple unspecified vulnerabilities in Ian Bezanson DropBox prior to 0.0.4 beta have unknown impact and attack vectors, possibly related to a variable extraction vulnerability.
Ian Bezanson Dropbox 0.0.3 Beta
9.3
CVSSv2
CVE-2007-3071
Buffer overflow in the GetWebStoreURL function in a certain ActiveX control in eSellerateControl365.dll 3.6.5.0 in eSellerate SDK allows user-assisted remote malicious users to execute arbitrary code via a long first argument.
Digital River Esellerate Sdk 3.6.5.0
2 EDB exploits
6.5
CVSSv2
CVE-2012-5471
The Dropbox Repository File Picker in Moodle 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.6, and 2.3.x prior to 2.3.3 allows remote authenticated users to access the Dropbox of a different user by leveraging an unattended workstation after a logout.
Moodle Moodle 2.1.0
Moodle Moodle 2.1.8
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.1.7
Moodle Moodle 2.1.3
Moodle Moodle 2.2.5
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.2
4
CVSSv2
CVE-2015-4715
The fetch function in OAuth/Curl.php in Dropbox-PHP, as used in ownCloud Server prior to 6.0.8, 7.x prior to 7.0.6, and 8.x prior to 8.0.4 when an external Dropbox storage has been mounted, allows remote administrators of Dropbox.com to read arbitrary files via an @ (at sign) cha...
Owncloud Owncloud
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »