Files drop share links for end-to-end encrypted folders allowed to drop files into other folders of the share owner

None...

EUVD-2008-2095

Malware in sbrugna...

EUVD-2024-36575

Malicious code in bioql PyPI...

CVE-2024-45512

An issue was discovered in webmail in Zimbra Collaboration ZCS through 10.1. An attacker can exploit this vulnerability by creating a folder in the Briefcase module with a malicious payload and sharing it with a victim. When the victim interacts with the folder share notification, the malicious...

CVE-2025-30448

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.4, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, visionOS 2.5. An attacker may be able to turn on sharing of an iCloud folder without authentication...

CVE-2025-30448

This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.7.6, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, visionOS 2.5, macOS Ventura 13.7.6, macOS Sequoia 15.4. An attacker may be able to turn on sharing of an iCloud folder without authentication...

CVE-2025-30448

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.4, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, visionOS 2.5. An attacker may be able to turn on sharing of an iCloud folder without authentication...

CVE-2025-30448

CVE-2025-30448 affects Apple platforms including macOS Ventura 13.7.6, macOS Sonoma 14.7.6, macOS Sequoia 15.4, iOS 18.5, iPadOS 18.5, iPadOS 17.7.7, and visionOS 2.5. The issue stems from insufficient entitlement checks, which could allow an attacker to enable iCloud folder sharing without authe...

CVE-2025-30448

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.4, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, visionOS 2.5. An attacker may be able to turn on sharing of an iCloud folder without authentication...

Apple多款产品 安全漏洞

Apple iOS is an operating system developed for mobile devices. apple macOS is a specialized operating system developed for Mac computers. apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in several Apple products that stems from insufficient...

CVE-2024-37317 Nextcloud Notes app can be tricked into using a received share created before the user logged in

The Nextcloud Notes app is a distraction free notes taking app for Nextcloud. If an attacker managed to share a folder called Notes/ with a newly created user before they logged in, the Notes app would use that folder store the personal notes. It is recommended that the Nextcloud Notes app is...

CVE-2024-5924 Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability

Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Dropbox Desktop. User interaction is required to exploit this vulnerability in that the target must visit...

CVE-2022-29163 Bypass of password requirements when sharing a folder via the Circles app in Nextcloud Server

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 22.2.6 and 23.0.3, a user can create a link that is not password protected even if the administrator requires links to be password protected. Versions 22.2.6 and 23.0.3 contain a pat...

Description of the security update for SharePoint Enterprise Server 2016: January 11, 2022 (KB5002113)

Description of the security update for SharePoint Enterprise Server 2016: January 11, 2022 KB5002113 Summary This security update resolves a Microsoft Word remote code execution vulnerability, Microsoft Office remote code execution vulnerability, and Microsoft SharePoint Server remote code...

Synology Router Manager Information Disclosure Vulnerability (CNVD-2019-08958)

Synology Router Manager SRM is a software for configuring and managing Synology routers from Synology Inc. of Taiwan, China. An information disclosure vulnerability exists in SYNO.FolderSharing.List in Synology SRM versions prior to 1.1.7-6941-2. The vulnerability, which originates from errors su...

CVE-2018-13289

Information exposure vulnerability in SYNO.FolderSharing.List in Synology Router Manager SRM before 1.1.7-6941-2 allows remote attackers to obtain sensitive information via the 1 folderpath or 2 realpath parameter...

CVE-2018-13288

Information exposure vulnerability in SYNO.FolderSharing.List in Synology File Station before 1.2.3-0252 and before 1.1.5-0125 allows remote attackers to obtain sensitive information via the 1 folderpath or 2 realpath parameter...

CVE-2018-13289

Information exposure vulnerability in SYNO.FolderSharing.List in Synology Router Manager SRM before 1.1.7-6941-2 allows remote attackers to obtain sensitive information via the 1 folderpath or 2 realpath parameter...

LabF nfsAxe 3.7 - Privilege Escalation

Exploit Author: bzyo Twitter: @bzyo Exploit Title: LabF nfsAxe 3.7 - Privilege Escalation Date: 03-24-2018 Vulnerable Software: LabF nfsAxe 3.7 Vendor Homepage: http://www.labf.com/ Version: 3.7 Software Link: http://www.labf.com/download/nfsaxe.exe Tested On: Windows 7 x86 and x64 Requires Windo...

Heap overflow

Heap-based buffer overflow in the VMware Host Guest File System HGFS in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, VMware ACE 2 before 2.0.2 build 93057, and VMware Fusion before 1.1.2 build 87978, when folder sharing is used, allows guest OS users to...