Vulnerabilities > Seafile > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-29 | CVE-2020-16143 | Uncontrolled Search Path Element vulnerability in Seafile Seafile-Client 7.0.8 The seafile-client client 7.0.8 for Seafile is vulnerable to DLL hijacking because it loads exchndl.dll from the current working directory. | 7.8 |
| 2019-02-21 | CVE-2013-7469 | Inadequate Encryption Strength vulnerability in Seafile Seafile through 6.2.11 always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks. | 7.5 |
| 2019-02-18 | CVE-2019-8919 | Use of Insufficiently Random Values vulnerability in Seafile Seadroid The seadroid (aka Seafile Android Client) application through 2.2.13 for Android always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks. | 7.5 |
| 2018-03-19 | CVE-2014-5443 | Permissions, Privileges, and Access Controls vulnerability in Seafile Server Seafile Server before 3.1.2 and Server Professional Edition before 3.1.0 allow local users to gain privileges via vectors related to ccnet handling user accounts. | 7.8 |