CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Microsoft CVE•added 2020/09/08 7:0 a.m.•56 views

OneDrive for Windows Elevation of Privilege Vulnerability

7.1CVSS2.4AI score0.00998EPSS

Kaspersky•added 2020/09/08 12:0 a.m.•65 views

KLA11950 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...

9.9CVSS9AI score0.04441EPSS

Exploits3References62

Positive Technologies•added 2020/09/08 12:0 a.m.•3 views

PT-2020-4019 · Microsoft · Onedrive For Windows Desktop

Name of the Vulnerable Software and Affected Versions: OneDrive for Windows Desktop affected versions not specified Description: The issue arises from the improper handling of symbolic links by the OneDrive for Windows Desktop application, leading to a potential elevation of privilege. An attacke...

7.1CVSS7.2AI score0.00975EPSS

Positive Technologies•added 2020/09/08 12:0 a.m.•2 views

PT-2020-4030 · Microsoft · Onedrive For Windows Desktop

7.1CVSS7.1AI score0.00998EPSS

Positive Technologies•added 2020/09/08 12:0 a.m.•2 views

PT-2020-4024 · Microsoft · Onedrive For Windows

Name of the Vulnerable Software and Affected Versions: OneDrive for Windows affected versions not specified Description: The issue is related to the improper handling of symbolic links by the OneDrive for Windows Desktop application. This could allow an attacker to overwrite a targeted file with ...

7.1CVSS6.9AI score0.00942EPSS

NCSC•added 2020/09/08 12:0 a.m.•31 views

Vulnerabilities fixed in Microsoft Office products

Microsoft fixes multiple vulnerabilities in Microsoft Office and OneDrive products. A malicious party could potentially exploit them to execute arbitrary code, to obtain elevated privileges gain access to sensitive data, or for performing a Cross-Site-Scripting XSS attack. This could include if t...

8.8CVSS6.8AI score0.04441EPSS

Exploits1

Microsoft KB•added 2020/08/11 7:0 a.m.•53 views

Description of the security update for SharePoint Server 2019: August 11, 2020

Description of the security update for SharePoint Server 2019: August 11, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...

8.8CVSS6.6AI score0.04906EPSS

ATTACKERKB•added 2020/07/31 12:0 a.m.•109 views

OneDrive DLL hijack privilege escalation

There exists a dll hijacking vulnerability in Onedrive versions after 20.073. Recent assessments: bwatters-r7 at July 31, 2020 9:04pm UTC reported: EDIT: This is not a privilege escalation per se. This overwrites the dll and gains injection, but it relies on a second user with greater privileges ...

0.6AI score

Tenable Nessus•added 2020/07/31 12:0 a.m.•103 views

Microsoft OneDrive Elevation of Privilege (CVE-2020-0935)

The version of Microsoft OneDrive installed on the remote Windows host is prior to 19.232.1124.0010. It is, therefore, affected by an elevation of privilege vulnerability due to the application improperly handling symbolic links. An authenticated, local attacker can exploit this, by running a...

5.5CVSS7.1AI score0.00719EPSS

BDU FSTEC•added 2020/07/29 12:0 a.m.•3 views

The vulnerability of the OneDrive for Windows file sharing service, related to deficiencies in access control, allows attackers to escalate their privileges.

The vulnerability of the OneDrive for Windows file sharing service is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...

7.1CVSS7.4AI score0.00837EPSS

Exploits0References2

Hacker One•added 2020/07/27 2:43 p.m.•69 views

Internet Bug Bounty: Uncovering file quarantine and UX security issues in macOS apps ( .terminal, .fileloc and .url)

Slides : https://docs.google.com/presentation/d/19WeQbqcOKnrSv1I3Z4sm-oNAf6IVzHwRyQP4i9BvY/editslide=id.g758ad3e04223231 See Blogpost for more details - https://medium.com/@metnew/exploiting-popular-macos-apps-with-a-single-terminal-file-f6c2efdfedaa Summary Popular macOS apps with a file-sharing...

6.8CVSS6.6AI score0.02662EPSS

OpenVAS•added 2020/07/27 12:0 a.m.•24 views

Microsoft OneDrive Detection (Windows SMB Login)

SMB login-based detection of Microsoft OneDrive. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3AI score

OpenVAS•added 2020/07/27 12:0 a.m.•16 views

Microsoft OneDrive Privilege Escalation Vulnerability (Jul 2020)

This host is missing an important security update according to Microsoft Security Updates for month of July SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.8CVSS6.9AI score0.00837EPSS

Exploits0References2

CNVD•added 2020/07/22 12:0 a.m.•4 views

Microsoft OneDrive power-up vulnerability

Microsoft OneDrive is a cloud backup application from Microsoft USA. The program features automatic backup of photo albums, online office and file sharing. A power lifting vulnerability exists in Microsoft OneDrive. The vulnerability can be exploited by an attacker with the help of a specially...

7.8CVSS6.8AI score0.00837EPSS

Tenable Nessus•added 2020/07/17 12:0 a.m.•23 views

Microsoft OneDrive Installed

Binary data microsoftonedriveinstalled.nbin...

7.3AI score

Tenable Nessus•added 2020/07/17 12:0 a.m.•264 views

Microsoft OneDrive Elevation of Privilege (CVE-2020-1465)

The version of Microsoft OneDrive installed on the remote Windows host is prior to 20.084.0426.0007. It is, therefore, affected by an elevation of privilege vulnerability that allows file deletion in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the...

7.8CVSS8.2AI score0.00837EPSS

Exploits0References2

NVD•added 2020/07/14 11:15 p.m.•11 views

CVE-2020-1465

An elevation of privilege vulnerability exists in Microsoft OneDrive that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft OneDrive Elevation of Privilege Vulnerability'...

7.8CVSS0.00837EPSS

Prion•added 2020/07/14 11:15 p.m.•17 views

Privilege escalation

7.2CVSS7.7AI score0.00837EPSS