Skip to main content

Onedrive

13 CVEs product

Monthly

CVE-2025-60722 MEDIUM This Month

Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for Android allows an authorized attacker to elevate privileges over a network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Google Onedrive Android
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-24930 HIGH PATCH This Week

Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Apple Microsoft Onedrive
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-24923 MEDIUM PATCH This Month

Microsoft OneDrive for Android Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Google Microsoft Onedrive
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2023-24890 MEDIUM PATCH This Month

Microsoft OneDrive for iOS Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Apple Microsoft Onedrive
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2023-24882 MEDIUM PATCH This Month

Microsoft OneDrive for Android Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Google Microsoft Onedrive
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2020-16853 HIGH PATCH This Week

<p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Microsoft Information Disclosure Onedrive
NVD
CVSS 3.1
7.1
EPSS
1.0%
CVE-2020-16852 HIGH PATCH This Week

<p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Microsoft Information Disclosure Onedrive
NVD
CVSS 3.1
7.1
EPSS
0.9%
CVE-2020-16851 HIGH PATCH This Week

<p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Microsoft Information Disclosure Onedrive
NVD
CVSS 3.1
7.1
EPSS
1.0%
CVE-2020-1465 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Microsoft OneDrive that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Onedrive
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-0935 MEDIUM PATCH This Month

An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links, aka 'OneDrive for Windows Elevation of Privilege Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Microsoft Onedrive
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2020-0654 CRITICAL PATCH Act Now

A security feature bypass vulnerability exists in Microsoft OneDrive App for Android.This could allow an attacker to bypass the passcode or fingerprint requirements of the App.The security update. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Microsoft Authentication Bypass Onedrive
NVD
CVSS 3.1
9.1
EPSS
3.5%
CVE-2018-0593 HIGH This Week

Untrusted search path vulnerability in the installer of Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Onedrive
NVD
CVSS 3.0
7.8
EPSS
5.1%
CVE-2018-0592 HIGH This Week

Untrusted search path vulnerability in Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Onedrive
NVD
CVSS 3.0
7.8
EPSS
5.1%
EPSS 0% CVSS 6.5
MEDIUM This Month

Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for Android allows an authorized attacker to elevate privileges over a network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Google Onedrive +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Apple Microsoft +1
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Microsoft OneDrive for Android Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Google Microsoft +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Microsoft OneDrive for iOS Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Apple Microsoft +1
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Microsoft OneDrive for Android Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Google Microsoft +1
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

<p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Microsoft Information Disclosure Onedrive
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

<p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Microsoft Information Disclosure Onedrive
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

<p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Microsoft Information Disclosure Onedrive
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in Microsoft OneDrive that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Onedrive
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links, aka 'OneDrive for Windows Elevation of Privilege Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Microsoft Onedrive
NVD
EPSS 3% CVSS 9.1
CRITICAL PATCH Act Now

A security feature bypass vulnerability exists in Microsoft OneDrive App for Android.This could allow an attacker to bypass the passcode or fingerprint requirements of the App.The security update. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Microsoft Authentication Bypass +1
NVD
EPSS 5% CVSS 7.8
HIGH This Week

Untrusted search path vulnerability in the installer of Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Onedrive
NVD
EPSS 5% CVSS 7.8
HIGH This Week

Untrusted search path vulnerability in Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Onedrive
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy