Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dropbox vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2014-8889
Dropbox SDK for Android prior to 1.6.2 might allow remote malicious users to obtain sensitive information via crafted malware or via a drive-by download attack.
Dropbox Dropbox Sdk 1.5.4
Dropbox Dropbox Sdk 1.6.1
3.6
CVSSv3
CVE-2018-12446
An issue exists in the com.dropbox.android application 98.2.2 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcod...
Dropbox Dropbox 98.2.2
6.4
CVSSv3
CVE-2018-12271
An issue exists in the com.getdropbox.Dropbox app 100.2 for iOS. The LAContext class for Biometric (TouchID) validation allows authentication bypass by overriding the LAContext return Boolean value to be "true" because the kSecAccessControlUserPresence protection mechan...
Dropbox Dropbox 100.2
3.1
CVSSv3
CVE-2018-12445
An issue exists in the com.dropbox.android application 98.2.2 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint AP...
Dropbox Dropbox 98.2.2
7.8
CVSSv3
CVE-2019-12171
Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71.4.108.0 store cleartext credentials in memory upon successful login or new account creation. These are not securely freed in the running process.
Dropbox Dropbox 71.4.108.0
NA
CVE-2010-3354
dropboxd in Dropbox 0.7.110 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Dropbox Dropbox 0.7.110
6.1
CVSSv3
CVE-2014-9310
Cross-site scripting (XSS) vulnerability in the WordPress Backup to Dropbox plugin prior to 4.1 for WordPress.
Wordpress Backup To Dropbox Project Wordpress Backup To Dropbox
9.8
CVSSv3
CVE-2022-4768
A vulnerability was found in Dropbox merou. It has been classified as critical. Affected is the function add_public_key of the file grouper/public_key.py of the component SSH Public Key Handler. The manipulation of the argument public_key_str leads to injection. It is possible to...
Dropbox Merou
5.5
CVSSv3
CVE-2017-8891
Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does not ensure setup of a correct number of threads.
Dropbox Lepton 1.2.1
7.8
CVSSv3
CVE-2018-20819
io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact by crafting a jpg image file. The root cause is a missing ...
Dropbox Lepton 1.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »