136 matches found

Redos
added 2025/12/01 12:0 a.m. · 3 views

ROS-20251201-01

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to insufficient protection of service data. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information. Vulnerability of Core component of...

CVSS 6.1 · AI score 6.8 · EPSS 0.00089
Exploits 0
NVD
added 2025/11/29 3:15 a.m. · 2 views

CVE-2025-53939

Kiteworks is a private data network (PDN). Prior to version 9.1.0, improper input validation when managing roles of a shared folder could lead to unexpectedly elevating another user's permissions on the share. This issue has been patched in version 9.1.0...

CVSS 8.8 · EPSS 0.00081
Exploits 0 · References 1
EUVD
added 2025/11/29 2:25 a.m. · 3 views

EUVD-2025-199894

Kiteworks is a private data network (PDN). Prior to version 9.1.0, improper input validation when managing roles of a shared folder could lead to unexpectedly elevating another user's permissions on the share. This issue has been patched in version 9.1.0...

CVSS 6.3 · AI score 6.2 · EPSS 0.00081
Exploits 0 · References 1
CNNVD
added 2025/11/29 12:0 a.m. · 1 views

Kiteworks Input Validation Error Vulnerability

Kiteworks is a secure private network data software from Kiteworks, Inc. An input validation error vulnerability exists in versions of Kiteworks prior to 9.1.0 that stems from improper input validation and could result in elevated privileges on shared folders...

CVSS 8.8 · AI score 6.7 · EPSS 0.00081
Exploits 0 · References 2
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2012-0149

Malware in sbrugna...

CVSS 3.6 · AI score 6.1 · EPSS 0.00059
Exploits 0 · References 8
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2018-5301

Malware in sbrugna...

CVSS 5.4 · AI score 6 · EPSS 0.00206
Exploits 1 · References 2
EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2018-20774

Malware in sbrugna...

CVSS 6.1 · AI score 6.3 · EPSS 0.0024
Exploits 1 · References 2
EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2009-0905

Malware in sbrugna...

CVSS 6.4 · AI score 6.1 · EPSS 0.00435
Exploits 2 · References 8
EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2007-1738

Malware in sbrugna...

CVSS 6.3 · AI score 6.1 · EPSS 0.00098
Exploits 1 · References 9
Snyk
added 2025/09/09 3:12 p.m. · 2 views

Missing Authorization

Overview: Affected versions of this package are vulnerable to Missing Authorization via the shr global-option. An attacker can access unauthorized sibling files within a shared folder by guessing their filenames. Remediation: Upgrade copyparty to version 1.19.8 or higher. References: GitHub Commit...

CVSS 7.5 · AI score 6.7 · EPSS 0.00024
Exploits 0 · References 3
Github Security Blog
added 2024/10/24 6:11 p.m. · 24 views

OpenRefine's SQLite integration allows filesystem access, remote code execution (RCE)

Summary: In the database extension, the "enableloadextension" property can be set for the SQLite integration, enabling an attacker to load local or remote extension DLLs and so run arbitrary code on the server. The attacker needs to have network access to the OpenRefine instance. Details: The...

CVSS 8.8 · AI score 8.1 · EPSS 0.00294
Exploits 1 · References 3 · Affected Software 1
Zero Day Initiative
added 2024/10/17 12:0 a.m. · 7 views

Oracle VirtualBox Shared Folders Incorrect Authorization Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

CVSS 5.3 · AI score 6.3 · EPSS 0.00027
Exploits 0 · References 1
OSV
added 2024/07/24 7:38 p.m. · 9 views

BIT-SYNCTHING-2022-46165 Cross-site Scripting (XSS) in Web GUI in syncthing

Syncthing is an open source, continuous file synchronization program. In versions prior to 1.23.5 a compromised instance with shared folders could sync malicious files which contain arbitrary HTML and JavaScript in the name. If the owner of another device looks over the shared folder settings and...

CVSS 5.4 · AI score 4.7 · EPSS 0.00766
Exploits 1 · References 5
Positive Technologies
added 2024/07/12 12:0 a.m. · 1 views

PT-2024-7037 · Oracle +1 · Virtualbox +1

Name of the Vulnerable Software and Affected Versions: Oracle VM VirtualBox versions prior to 7.0.22; Oracle VM VirtualBox versions prior to 7.1.2. Description: A difficult to exploit vulnerability in Oracle VM VirtualBox allows a low privileged attacker with logon to the infrastructure where Oracl...

CVSS 7.5 · AI score 6.8 · EPSS 0.00089
Exploits 0 · References 38
OSV
added 2024/06/13 8:15 p.m. · 2 views

CVE-2024-5924

Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Dropbox Desktop. User interaction is required to exploit this vulnerability in that the target must visit...

CVSS 8.8 · AI score 7.6 · EPSS 0.00272
Exploits 0 · References 1
NVD
added 2024/06/13 8:15 p.m. · 22 views

CVE-2024-5924

Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Dropbox Desktop. User interaction is required to exploit this vulnerability in that the target must visit...

CVSS 8.8 · EPSS 0.00272
Exploits 0 · References 1
Cvelist
added 2024/06/13 7:40 p.m. · 46 views

CVE-2024-5924 Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability

Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Dropbox Desktop. User interaction is required to exploit this vulnerability in that the target must visit...

CVSS 8.8 · EPSS 0.00272
Exploits 0 · References 1
Vulnrichment
added 2024/06/13 7:40 p.m. · 13 views

CVE-2024-5924 Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability

Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Dropbox Desktop. User interaction is required to exploit this vulnerability in that the target must visit...

CVSS 8.8 · AI score 7.2 · EPSS 0.00272
Exploits 0 · References 1
Positive Technologies
added 2024/06/13 12:0 a.m. · 2 views

PT-2024-37243 · Dropbox · Dropbox Desktop

Name of the Vulnerable Software and Affected Versions: Dropbox Desktop, affected versions not specified. Description: This issue allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Dropbox Desktop. User interaction is required to exploit this issu...

CVSS 8.8 · AI score 7.2 · EPSS 0.00272
Exploits 0 · References 7
CNNVD
added 2024/06/13 12:0 a.m. · 2 views

Dropbox desktop application security vulnerability

Dropbox desktop application is an open source, cross-platform online file storage, synchronization, and sharing application from Dropbox Inc. in the United States. A security vulnerability exists in the Dropbox desktop application, which stems from a specific flaw in the handling of shared folder...

CVSS 8.8 · AI score 7.6 · EPSS 0.00272
Exploits 0 · References 2