Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dropbox vulnerabilities and exploits
(subscribe to this query)
231
VMScore
CVE-2014-8889
Dropbox SDK for Android prior to 1.6.2 might allow remote malicious users to obtain sensitive information via crafted malware or via a drive-by download attack.
Dropbox Dropbox Sdk 1.5.4
Dropbox Dropbox Sdk 1.6.1
614
VMScore
CVE-2018-12271
An issue exists in the com.getdropbox.Dropbox app 100.2 for iOS. The LAContext class for Biometric (TouchID) validation allows authentication bypass by overriding the LAContext return Boolean value to be "true" because the kSecAccessControlUserPresence protection mechan...
Dropbox Dropbox 100.2
294
VMScore
CVE-2018-12446
An issue exists in the com.dropbox.android application 98.2.2 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcod...
Dropbox Dropbox 98.2.2
614
VMScore
CVE-2010-3354
dropboxd in Dropbox 0.7.110 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Dropbox Dropbox 0.7.110
294
VMScore
CVE-2018-12445
An issue exists in the com.dropbox.android application 98.2.2 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint AP...
Dropbox Dropbox 98.2.2
383
VMScore
CVE-2019-12171
Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71.4.108.0 store cleartext credentials in memory upon successful login or new account creation. These are not securely freed in the running process.
Dropbox Dropbox 71.4.108.0
383
VMScore
CVE-2014-9310
Cross-site scripting (XSS) vulnerability in the WordPress Backup to Dropbox plugin prior to 4.1 for WordPress.
Wordpress Backup To Dropbox Project Wordpress Backup To Dropbox
NA
CVE-2022-4768
A vulnerability was found in Dropbox merou. It has been classified as critical. Affected is the function add_public_key of the file grouper/public_key.py of the component SSH Public Key Handler. The manipulation of the argument public_key_str leads to injection. It is possible to...
Dropbox Merou
383
VMScore
CVE-2017-7448
The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a malformed JPEG image.
Dropbox Lepton 1.2.1
605
VMScore
CVE-2022-26181
Dropbox Lepton v1.2.1-185-g2a08b77 exists to contain a heap-buffer-overflow in the function aligned_dealloc():src/lepton/bitops.cc:108.
Dropbox Lepton 1.2.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »