Microsoft Onedrive

14 CVEs affecting Microsoft Onedrive. Latest disclosed: 2025-11-11. Critical: 1, High: 7.

Top CVEs affecting Microsoft Onedrive
CVESeverityScorePublishedSummary
CVE-2020-0654Critical9.12020-01-14A security feature bypass vulnerability exists in Microsoft OneDrive App for Android.This could allow an attacker to bypass the passcode or fingerprint require…
CVE-2023-24930High7.82023-03-14Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability
CVE-2020-1465High7.82020-07-14An elevation of privilege vulnerability exists in Microsoft OneDrive that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker…
CVE-2018-0593High7.82018-06-26Untrusted search path vulnerability in the installer of Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified direc…
CVE-2018-0592High7.82018-06-26Untrusted search path vulnerability in Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2020-16853High7.12020-09-11<p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successf…
CVE-2020-16852High7.12020-09-11<p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successf…
CVE-2020-16851High7.12020-09-11<p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successf…
CVE-2025-60722Medium6.52025-11-11Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for Android allows an authorized attacker to elevate privileges over…
CVE-2023-24890Medium6.52023-03-14Microsoft OneDrive for iOS Security Feature Bypass Vulnerability
CVE-2022-23255Medium5.92022-02-09Microsoft OneDrive for Android Security Feature Bypass Vulnerability
CVE-2023-24923Medium5.52023-03-14Microsoft OneDrive for Android Information Disclosure Vulnerability
CVE-2023-24882Medium5.52023-03-14Microsoft OneDrive for Android Information Disclosure Vulnerability
CVE-2020-0935Medium5.52020-04-15An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links, aka 'OneDrive for Windows E…