Vulnerabilities > 1Password > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-06 | CVE-2024-42218 | Unspecified vulnerability in 1Password 1Password 8 before 8.10.38 for macOS allows local attackers to exfiltrate vault items by bypassing macOS-specific security mechanisms. | 4.7 |
2022-06-15 | CVE-2022-32550 | Unspecified vulnerability in 1Password products An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. | 4.8 |
2022-05-09 | CVE-2022-29868 | Cleartext Storage of Sensitive Information vulnerability in 1Password 1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass. | 5.5 |
2021-09-29 | CVE-2021-41795 | Unspecified vulnerability in 1Password The Safari app extension bundled with 1Password for Mac 7.7.0 through 7.8.x before 7.8.7 is vulnerable to authorization bypass. | 6.5 |
2021-07-16 | CVE-2021-36758 | Incorrect Authorization vulnerability in 1Password Connect 1.0.1/1.1.0/1.1.1 1Password Connect server before 1.2 is missing validation checks, permitting users to create Secrets Automation access tokens that can be used to perform privilege escalation. | 5.4 |
2021-02-08 | CVE-2021-26905 | Improper Authentication vulnerability in 1Password Scim Bridge 1Password SCIM Bridge before 1.6.2 mishandles validation of authenticated requests for log files, leading to disclosure of a TLS private key. | 6.5 |
2020-01-09 | CVE-2014-3753 | Information Exposure vulnerability in 1Password AgileBits 1Password through 1.0.9.340 allows security feature bypass | 5.5 |
2018-10-05 | CVE-2018-13042 | Improper Input Validation vulnerability in 1Password 6.8 The 1Password application 6.8 for Android is affected by a Denial Of Service vulnerability. | 5.9 |