Vulnerabilities > Dropbox > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-06-13 | CVE-2024-5924 | Unspecified vulnerability in Dropbox Desktop 198.4.7615 Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability. | 8.8 |
2022-02-28 | CVE-2022-26181 | Out-of-bounds Write vulnerability in Dropbox Lepton 1.2.1 Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligned_dealloc():src/lepton/bitops.cc:108. | 7.8 |
2019-07-08 | CVE-2019-12171 | Insufficiently Protected Credentials vulnerability in Dropbox 71.4.108.0 Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71.4.108.0 store cleartext credentials in memory upon successful login or new account creation. | 7.8 |
2019-04-23 | CVE-2018-20819 | Out-of-bounds Write vulnerability in Dropbox Lepton 1.2.1 io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact by crafting a jpg image file. | 7.8 |