Every CVE whose affected-product data names Microsoft Onedrive, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2020-0654 — CVSS 9.1 (critical): A security feature bypass vulnerability exists in Microsoft OneDrive App for Android.This could allow an attacker to bypass the passcode or…
CVE-2018-0593 — CVSS 7.8 (high): Untrusted search path vulnerability in the installer of Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in…
CVE-2018-0592 — CVSS 7.8 (high): Untrusted search path vulnerability in Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified…
CVE-2020-1465 — CVSS 7.8 (high): An elevation of privilege vulnerability exists in Microsoft OneDrive that allows file deletion in arbitrary locations.To exploit the…
CVE-2020-16853 — CVSS 7.1 (high): <p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An…
CVE-2020-16851 — CVSS 7.1 (high): <p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An…
CVE-2020-16852 — CVSS 7.1 (high): <p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An…
CVE-2025-60722 — CVSS 6.5 (medium): Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for Android allows an authorized attacker to…
CVE-2020-0935 — CVSS 5.5 (medium): An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links, aka…