Vulnerabilities > Dropbox > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-04-23 CVE-2018-20820 Integer Overflow or Wraparound vulnerability in Dropbox Lepton 1.2.1
read_ujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows attackers to cause a denial-of-service (application runtime crash because of an integer overflow) via a crafted file.
local
low complexity
dropbox CWE-190
5.5
2018-06-13 CVE-2018-12271 Improper Authentication vulnerability in Dropbox 100.2
An issue was discovered in the com.getdropbox.Dropbox app 100.2 for iOS.
high complexity
dropbox CWE-287
6.4
2018-06-11 CVE-2018-12108 Improper Input Validation vulnerability in Dropbox Lepton 1.2.1
An issue was discovered in Dropbox Lepton 1.2.1.
local
low complexity
dropbox CWE-20
5.5
2017-09-26 CVE-2014-8889 Information Exposure vulnerability in Dropbox SDK 1.5.4/1.6.1
Dropbox SDK for Android before 1.6.2 might allow remote attackers to obtain sensitive information via crafted malware or via a drive-by download attack.
network
high complexity
dropbox CWE-200
5.3
2017-05-10 CVE-2017-8891 DEPRECATED: Use of Uninitialized Resource vulnerability in Dropbox Lepton 1.2.1
Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does not ensure setup of a correct number of threads.
local
low complexity
dropbox CWE-1187
5.5
2017-04-05 CVE-2017-7448 Divide By Zero vulnerability in Dropbox Lepton 1.2.1
The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed JPEG image.
local
low complexity
dropbox CWE-369
5.5