CVE-2019-12171

Dropbox.exe and QtWebEngineProcess.exe in the Web Helper in the Dropbox desktop application 71.4.108.0 store cleartext credentials in memory upon successful login or new account creation. These are not securely freed in the running process...

CVE-2017-8891

Dropbox Lepton 1.2.1 allows DoS SEGV and application crash via a malformed lepton file because the code does not ensure setup of a correct number of threads...

CVE-2010-3354

dropboxd in Dropbox 0.7.110 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

CVE-2018-20820

readujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows attackers to cause a denial-of-service application runtime crash because of an integer overflow via a crafted file...

CVE-2018-12108

An issue was discovered in Dropbox Lepton 1.2.1. The validateAndCompress function in validation.cc allows remote attackers to cause a denial of service SIGFPE and application crash via a malformed file...

The vulnerability of Dropbox’s repository in the virtual learning environment Moodle allows a perpetrator to execute arbitrary code.

The vulnerability of Dropbox’s virtual learning environment Moodle is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Remote Code Execution (RCE)

moodle/moodle is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper access control in the Moodle LMS Dropbox repository, allows teachers and managers, by default, to have access to the affected functionality, creating an opportunity for remote code execution...

Arbitrary Code Injection

Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Arbitrary Code Injection via the Moodle LMS Dropbox repository. An attacker can execute arbitrary code by exploiting insufficient input validation and code sanitization mechanisms. Note: This is onl...

GHSA-C8V6-VXHF-WCRR Moodle has an authenticated remote code execution risk in the Moodle LMS Dropbox repository

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled...

Moodle has an authenticated remote code execution risk in the Moodle LMS Dropbox repository

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled...

CVE-2025-3641

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled...

CVE-2025-3641

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled...

UBUNTU-CVE-2025-3641

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled...

CVE-2025-3641 Moodle: authenticated remote code execution risk in the moodle lms dropbox repository

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled...

CVE-2025-3641

CVE-2025-3641 affects Moodle (Moodle LMS) with a remote code execution risk in the Dropbox repository. By default, this is limited to sites where the Dropbox repository is enabled and accessible only to teachers and managers. The provided metrics indicate a high severity (CVSS 3.1: 8.8, Impact: c...

CVE-2025-3641 Moodle: authenticated remote code execution risk in the moodle lms dropbox repository

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled...

PT-2025-17625 · Dropbox · Dropbox

Name of the Vulnerable Software and Affected Versions: Dropbox affected versions not specified Description: The issue concerns an authentication bypass in Dropbox. No specific details about the technical aspects of the issue, such as API endpoints, vulnerable parameters, or function names, are...

CVE-2025-3641

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled...

PT-2025-17916

Name of the Vulnerable Software and Affected Versions Moodle affected versions not specified Description A flaw was found in Moodle, specifically a remote code execution risk in the Moodle LMS Dropbox repository. This risk is only available to teachers and managers on sites with the Dropbox...

Moodle 代码注入漏洞

Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from a code injection vulnerability that stems from a security issue in the Moodle LMS Dropbox repository that...