9 matches found
EUVD-2024-46111
Malicious code in bioql PyPI...
CVE-2024-52270
User Interface UI Misrepresentation of Critical Information vulnerability in DropBox SignHelloSign allows Content Spoofing. Displayed version does not show the layer flattened version, once download, If printed e.g. via Google Chrome - Examine the print preview: Will render the vulnerability only...
CVE-2024-52270
User Interface UI Misrepresentation of Critical Information vulnerability in DropBox SignHelloSign allows Content Spoofing. Displayed version does not show the layer flattened version, once download, If printed e.g. via Google Chrome - Examine the print preview: Will render the vulnerability only...
CVE-2024-52270 PDF Document Spoofing in DropBox Sign(HelloSign)
User Interface UI Misrepresentation of Critical Information vulnerability in DropBox SignHelloSign allows Content Spoofing. Displayed version does not show the layer flattened version, once download, If printed e.g. via Google Chrome - Examine the print preview: Will render the vulnerability only...
CVE-2024-52270
DropBox Sign (HelloSign) is affected by a UI misrepresentation vulnerability (Content Spoofing) affecting versions through 2024-12-04. The issue is observed when printing the UI; the layered content is not flattened in print previews, potentially enabling spoofed content disclosure. Concrete deta...
DropBox Sign 安全漏洞
DropBox Sign DropBox HelloSign is a DropBox company that sends, receives and manages legally binding electronic signatures. A security vulnerability exists in DropBox Sign versions 2024-12-04 and earlier that stems from a misrepresentation of a user interface critical information vulnerability th...
PT-2024-35141 · Dropbox · Dropbox Sign
Name of the Vulnerable Software and Affected Versions: DropBox SignHelloSign versions through 2024-12-04 Description: The issue is related to a User Interface UI Misrepresentation of Critical Information vulnerability, allowing Content Spoofing. The displayed version does not show the layer...
Dropbox Sign customer data accessed in breach
Dropbox is reporting a recent "security incident" in which an attacker gained unauthorized access to the Dropbox Sign formerly HelloSign production environment. During this access, the attacker had access to Dropbox Sign customer information. Dropbox Sign is a platform that allows customers to...
MAL-2023-4 Malicious code in eslint-plugin-dropbox-sign (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ef0b78a956b34b6e0c3db65f1f623e28b0e80753ffae8ea19c75e4217f1dc0b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...