EUVD-2023-44627

Malicious code in bioql PyPI...

EUVD-2023-28872

Malicious code in bioql PyPI...

EUVD-2022-28342

Malicious code in bioql PyPI...

PT-2025-21: Local Privilege Escalation in Microsoft OneDrive

The vulnerability was identified in OneDrive, version 25.020.0202. The vulnerability in Microsoft OneDrive was discovered on MacOS. Local privilege escalation allows an attacker to escalate privileges from a normal user to root. To exploit the vulnerability a potential attacker must be able to...

Russian APT28 Deploys “NotDoor” Backdoor Through Microsoft Outlook

APT28 hackers deploy NotDoor backdoor via Microsoft Outlook macros, using OneDrive sideloading to steal data and evade detection...

Russian APT28 Deploys "NotDoor" Outlook Backdoor Against Companies in NATO Countries

The Russian state-sponsored hacking group tracked as APT28 has been attributed to a new Microsoft Outlook backdoor called NotDoor in attacks targeting multiple companies from different sectors in NATO member countries. NotDoor "is a VBA macro for Outlook designed to monitor incoming emails for a...

MAL-2025-28237 Malicious code in onedrive-verification (npm)

The package onedrive-verification was found to contain malicious code...

Malicious code in onedrive-verification (npm)

The package onedrive-verification was found to contain malicious code...

Description of the security update for SharePoint Server 2016: August 12, 2025 (KB5002771)

Description of the security update for SharePoint Server 2016: August 12, 2025 KB5002771 Summary This security update resolves a Microsoft SharePoint remote code execution vulnerability, Microsoft SharePoint elevation of privilege vulnerability, Microsoft Word remote code execution vulnerability,...

Description of the security update for SharePoint Server 2016 Language Pack: August 12, 2025 (KB5002772)

Description of the security update for SharePoint Server 2016 Language Pack: August 12, 2025 KB5002772 Summary This security update resolves a Microsoft Word remote code execution vulnerability and Microsoft Word information disclosure vulnerability. To learn more about the vulnerabilities, see t...

(0Day) Microsoft Windows OneDrive SmartScreen Bypass Vulnerability

This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exist...

Discord CDN Link Abused to Deliver RAT Disguised as OneDrive File

Hackers are installing multiple RMMs like Atera and Splashtop in a new malware attack. This article details the abuse of Discord CDN link andn fake OneDrive phishing campaign discovered by Sublime Security...

The vulnerability of the OneDrive file sharing service for the macOS operating system arises from the insecure management of privileges, allowing an attacker to elevate their privileges to root user level.

The vulnerability of the OneDrive file sharing service for the macOS operating system is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to elevate their privileges to the root user level...

Description of the security update for SharePoint Enterprise Server 2016 Language Pack: July 8, 2025 (KB5002743)

Description of the security update for SharePoint Enterprise Server 2016 Language Pack: July 8, 2025 KB5002743 Summary This security update resolves a Microsoft Word remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...

Description of the security update for SharePoint Enterprise Server 2016 Language Pack: June 10, 2025 (KB5002731)

Description of the security update for SharePoint Enterprise Server 2016 Language Pack: June 10, 2025 KB5002731 Summary This security update resolves a Microsoft Word remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Commo...

Description of the security update for SharePoint Enterprise Server 2016: June 10, 2025 (KB5002732)

Description of the security update for SharePoint Enterprise Server 2016: June 10, 2025 KB5002732 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft Word remote code execution vulnerability. To learn more about the vulnerabilities...

OneDrive File Picker Flaw Gives Apps Full Access to User Drives

A recent investigation by cybersecurity researchers at Oasis Security has revealed a data overreach in how Microsoft’s OneDrive…...

Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File

Cybersecurity researchers have discovered a security flaw in Microsoft's OneDrive File Picker that, if successfully exploited, could allow websites to access a user's entire cloud storage content, as opposed to just the files selected for upload via the tool. "This stems from overly broad OAuth...

CVE-2024-34525

FileCodeBox 2.0 stores a OneDrive password and AWS key in a cleartext env file...

CVE-2020-1465

An elevation of privilege vulnerability exists in Microsoft OneDrive that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft OneDrive Elevation of Privilege Vulnerability'...