Lucene search
K
MicrosoftOnedrive

14 matches found

CVE
CVE
added 2023/03/14 4:55 p.m.234 views

CVE-2023-24930

CVE-2023-24930 — Microsoft OneDrive for MacOS Privilege Escalation Affected software: OneDrive for MacOS (macOS). The connected Nessus entry specifies that versions prior to 23.043.0226 are affected. Vulnerability: Elevation of privilege. An authenticated, local attacker can escalate to SYSTEM pr...

7.8CVSS7.8AI score0.00468EPSS
CVE
CVE
added 2020/09/11 5:8 p.m.126 views

CVE-2020-16852

CVE-2020-16852 is a OneDrive for Windows Desktop Elevation of Privilege vulnerability caused by improper handling of symbolic links. An attacker with local access could log on, run a crafted app, and overwrite a targeted file with elevated privileges. The fix is to correct where the OneDrive upda...

7.1CVSS7.5AI score0.00942EPSS
CVE
CVE
added 2023/03/14 4:55 p.m.120 views

CVE-2023-24882

Technical details for CVE-2023-24882 are not publicly available in the provided documents; monitor for updates from vendors and security advisories.

5.5CVSS5.5AI score0.00729EPSS
CVE
CVE
added 2023/03/14 4:55 p.m.110 views

CVE-2023-24890

CVE-2023-24890 concerns Microsoft OneDrive for iOS and is described in connected sources as a security feature bypass (circumvention of a security measure). Affected product/area: OneDrive for iOS. The available documents identify the vulnerability as bypassing security controls but do not provid...

6.5CVSS6.5AI score0.01205EPSS
CVE
CVE
added 2023/03/14 4:55 p.m.110 views

CVE-2023-24923

OneDrive for Android is affected by CVE-2023-24923. Connected PT-2023-1786 indicates the issue stems from a lack of protection for service data in OneDrive’s Android implementation, potentially allowing an attacker to access protected information. No specific affected versions or fix/version deta...

5.5CVSS5.5AI score0.00848EPSS
CVE
CVE
added 2020/07/14 10:54 p.m.109 views

CVE-2020-1465

CVE-2020-1465 affects Microsoft OneDrive. It is an elevation of privilege vulnerability that enables file deletion in arbitrary locations after a local login. Microsoft’s advisory (MSRC) states the fix is delivered by updating OneDrive to a newer build (e.g., 20.084.0426.0007); CVSS metrics on re...

7.8CVSS8.1AI score0.00837EPSS
CVE
CVE
added 2020/09/11 5:8 p.m.101 views

CVE-2020-16851

CVE-2020-16851 concerns the OneDrive for Windows Desktop updater elevating privileges due to improper handling of symbolic links. The vulnerability could let an attacker with local access exploit a crafted program to overwrite a targeted file with elevated rights after logging on. Microsoft MSRC ...

7.1CVSS7.5AI score0.00975EPSS
CVE
CVE
added 2022/02/09 4:37 p.m.97 views

CVE-2022-23255

CVE-2022-23255 corresponds to a security feature bypass in Microsoft OneDrive for Android. Connected sources (PT-2022-1677 and NCSC-2022-0103) describe an improper authorization flaw that allows bypassing security controls on OneDrive for Android, potentially enabling access to protected informat...

6.8CVSS6AI score0.0056EPSS
CVE
CVE
added 2020/01/14 11:11 p.m.91 views

CVE-2020-0654

CVE-2020-0654 affects Microsoft OneDrive App for Android. A security feature bypass exists where an attacker could bypass passcode or fingerprint requirements by abusing how sharing links are handled. The issue is addressed by a security update that fixes the way the OneDrive Android app processe...

9.1CVSS8.8AI score0.03476EPSS
CVE
CVE
added 2020/04/15 3:12 p.m.89 views

CVE-2020-0935

CVE-2020-0935 (OneDrive for Windows Elevation of Privilege) is a local elevation-of-privilege flaw in the OneDrive for Windows Desktop application caused by improper handling of symbolic links. An authenticated, local attacker could run a specially crafted program to overwrite a target file, gain...

5.5CVSS6.9AI score0.00719EPSS
CVE
CVE
added 2020/09/11 5:8 p.m.84 views

CVE-2020-16853

CVE-2020-16853 (OneDrive for Windows) : Elevation of Privilege vulnerability in the OneDrive for Windows Desktop client arises from improper handling of symbolic links, allowing a local attacker to overwrite a targeted file with elevated privileges after logging on and executing a crafted applica...

7.1CVSS7.5AI score0.00998EPSS
CVE
CVE
added 2018/06/26 2:0 p.m.52 views

CVE-2018-0593

The CVE-2018-0593 entry affects the Microsoft OneDrive installer, which has an untrusted search path vulnerability (DLL planting) that can allow privilege escalation by placing a Trojan DLL in the installer’s directory. Root cause: insecure DLL search order in the installer. Impact described: arb...

7.8CVSS7.6AI score0.0513EPSS
CVE
CVE
added 2025/11/11 5:59 p.m.47 views

CVE-2025-60722

CVE-2025-60722 is a path traversal vulnerability in OneDrive for Android that can lead to elevation of privileges for an authorized user over a network. The advisory set confirms the affected product is OneDrive for Android and notes the root cause as improper pathname handling. Public exploitati...

6.5CVSS5.3AI score0.00775EPSS
CVE
CVE
added 2018/06/26 2:0 p.m.45 views

CVE-2018-0592

CVE-2018-0592 affects Microsoft OneDrive with an untrusted search path/DLL planting issue. The vulnerability arises when a Trojan horse DLL placed in the application’s directory can execute with the user’s privileges, enabling arbitrary code execution if exploited locally. Affected context is the...

7.8CVSS7.6AI score0.0513EPSS