Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

1password Security Vulnerabilities

cve
cve

CVE-2022-32550

An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. In specific circumstances, this issue allowed a malicious server to convince a 1Password app or integration it is communicating with the....

4.8CVSS

5AI Score

0.001EPSS

2022-06-15 07:15 PM
1461
cve
cve

CVE-2022-29868

1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass. Malicious software running on the same computer can exfiltrate secrets from 1Password provided that 1Password is running and is unlocked. Affected secrets include vault items and derived values used...

5.5CVSS

5.5AI Score

0.0004EPSS

2022-05-09 07:15 PM
66
5
cve
cve

CVE-2021-41795

The Safari app extension bundled with 1Password for Mac 7.7.0 through 7.8.x before 7.8.7 is vulnerable to authorization bypass. By targeting a vulnerable component of this extension, a malicious web page could read a subset of 1Password vault items that would normally be fillable by the user on...

6.5CVSS

6AI Score

0.001EPSS

2021-09-29 09:15 PM
38
cve
cve

CVE-2020-18173

A DLL injection vulnerability in 1password.dll of 1Password 7.3.712 allows attackers to execute arbitrary...

7.8CVSS

8.2AI Score

0.001EPSS

2021-07-26 08:15 PM
49
6
cve
cve

CVE-2014-3753

AgileBits 1Password through 1.0.9.340 allows security feature...

5.5CVSS

7.5AI Score

0.001EPSS

2020-01-09 02:15 PM
205
cve
cve

CVE-2018-19863

An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on macOS. A mistake in error logging resulted in instances where sensitive data passed from Safari to 1Password could be logged locally on the user's machine. This data could include usernames and passwords that a user manually...

5.5CVSS

7AI Score

0.001EPSS

2018-12-22 03:29 PM
25
cve
cve

CVE-2018-13042

The 1Password application 6.8 for Android is affected by a Denial Of Service vulnerability. By starting the activity com.agilebits.onepassword.filling.openyolo.OpenYoloDeleteActivity or com.agilebits.onepassword.filling.openyolo.OpenYoloRetrieveActivity from an external application (since they are....

5.9CVSS

5.6AI Score

0.025EPSS

2018-10-05 09:29 PM
1147
cve
cve

CVE-2012-6369

Cross-site scripting (XSS) vulnerability in the Troubleshooting Reporting System feature in AgileBits 1Password 3.9.9 might allow remote attackers to inject arbitrary web script or HTML via a crafted User-Agent HTTP header that is not properly handled in a View Troubleshooting Report...

5.8AI Score

0.002EPSS

2012-12-28 11:48 AM
22