Microsoft Onedrive
14 CVEs affecting Microsoft Onedrive. Latest disclosed: 2025-11-11. Critical: 1, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-0654 | Critical | 9.1 | 2020-01-14 | A security feature bypass vulnerability exists in Microsoft OneDrive App for Android.This could allow an attacker to bypass the passcode or fingerprint require… |
CVE-2023-24930 | High | 7.8 | 2023-03-14 | Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability |
CVE-2020-1465 | High | 7.8 | 2020-07-14 | An elevation of privilege vulnerability exists in Microsoft OneDrive that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker… |
CVE-2018-0593 | High | 7.8 | 2018-06-26 | Untrusted search path vulnerability in the installer of Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified direc… |
CVE-2018-0592 | High | 7.8 | 2018-06-26 | Untrusted search path vulnerability in Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. |
CVE-2020-16853 | High | 7.1 | 2020-09-11 | <p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successf… |
CVE-2020-16852 | High | 7.1 | 2020-09-11 | <p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successf… |
CVE-2020-16851 | High | 7.1 | 2020-09-11 | <p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successf… |
CVE-2025-60722 | Medium | 6.5 | 2025-11-11 | Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for Android allows an authorized attacker to elevate privileges over… |
CVE-2023-24890 | Medium | 6.5 | 2023-03-14 | Microsoft OneDrive for iOS Security Feature Bypass Vulnerability |
CVE-2022-23255 | Medium | 5.9 | 2022-02-09 | Microsoft OneDrive for Android Security Feature Bypass Vulnerability |
CVE-2023-24923 | Medium | 5.5 | 2023-03-14 | Microsoft OneDrive for Android Information Disclosure Vulnerability |
CVE-2023-24882 | Medium | 5.5 | 2023-03-14 | Microsoft OneDrive for Android Information Disclosure Vulnerability |
CVE-2020-0935 | Medium | 5.5 | 2020-04-15 | An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links, aka 'OneDrive for Windows E… |