Skip to main content

Dropbox

4 CVEs product

Monthly

CVE-2019-12171 HIGH POC This Week

Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71.4.108.0 store cleartext credentials in memory upon successful login or new account creation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Dropbox
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2018-12446 LOW Monitor

An issue was discovered in the com.dropbox.android application 98.2.2 for Android. Rated low severity (CVSS 3.6). No vendor patch available.

Google Authentication Bypass Dropbox
NVD GitHub
CVSS 3.0
3.6
EPSS
0.3%
CVE-2018-12445 LOW Monitor

An issue was discovered in the com.dropbox.android application 98.2.2 for Android. Rated low severity (CVSS 3.1), this vulnerability is no authentication required. No vendor patch available.

Google Authentication Bypass Dropbox
NVD GitHub
CVSS 3.0
3.1
EPSS
0.3%
CVE-2018-12271 MEDIUM This Month

An issue was discovered in the com.getdropbox.Dropbox app 100.2 for iOS. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Apple Dropbox
NVD GitHub
CVSS 3.0
6.4
EPSS
0.4%
EPSS 1% CVSS 7.8
HIGH POC This Week

Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71.4.108.0 store cleartext credentials in memory upon successful login or new account creation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Dropbox
NVD
EPSS 0% CVSS 3.6
LOW Monitor

An issue was discovered in the com.dropbox.android application 98.2.2 for Android. Rated low severity (CVSS 3.6). No vendor patch available.

Google Authentication Bypass Dropbox
NVD GitHub
EPSS 0% CVSS 3.1
LOW Monitor

An issue was discovered in the com.dropbox.android application 98.2.2 for Android. Rated low severity (CVSS 3.1), this vulnerability is no authentication required. No vendor patch available.

Google Authentication Bypass Dropbox
NVD GitHub
EPSS 0% CVSS 6.4
MEDIUM This Month

An issue was discovered in the com.getdropbox.Dropbox app 100.2 for iOS. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Apple Dropbox
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy