Vulnerabilities > 1Password
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-06 | CVE-2024-42218 | Unspecified vulnerability in 1Password 1Password 8 before 8.10.38 for macOS allows local attackers to exfiltrate vault items by bypassing macOS-specific security mechanisms. | 4.7 |
2024-08-06 | CVE-2024-42219 | Unspecified vulnerability in 1Password 1Password 8 before 8.10.36 for macOS allows local attackers to exfiltrate vault items because XPC inter-process communication validation is insufficient. | 7.8 |
2022-06-15 | CVE-2022-32550 | Unspecified vulnerability in 1Password products An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. | 4.8 |
2022-05-09 | CVE-2022-29868 | Cleartext Storage of Sensitive Information vulnerability in 1Password 1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass. | 5.5 |
2021-09-29 | CVE-2021-41795 | Unspecified vulnerability in 1Password The Safari app extension bundled with 1Password for Mac 7.7.0 through 7.8.x before 7.8.7 is vulnerable to authorization bypass. | 6.5 |
2021-07-26 | CVE-2020-18173 | Uncontrolled Search Path Element vulnerability in 1Password 7.3.712 A DLL injection vulnerability in 1password.dll of 1Password 7.3.712 allows attackers to execute arbitrary code. | 7.8 |
2021-07-16 | CVE-2021-36758 | Incorrect Authorization vulnerability in 1Password Connect 1.0.1/1.1.0/1.1.1 1Password Connect server before 1.2 is missing validation checks, permitting users to create Secrets Automation access tokens that can be used to perform privilege escalation. | 5.4 |
2021-02-08 | CVE-2021-26905 | Improper Authentication vulnerability in 1Password Scim Bridge 1Password SCIM Bridge before 1.6.2 mishandles validation of authenticated requests for log files, leading to disclosure of a TLS private key. | 6.5 |
2020-10-27 | CVE-2020-10256 | Unspecified vulnerability in 1Password Command Line Interface and Scim An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. | 9.8 |
2020-01-09 | CVE-2014-3753 | Information Exposure vulnerability in 1Password AgileBits 1Password through 1.0.9.340 allows security feature bypass | 5.5 |