An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. An insecure random number generator was used to generate various keys. An attacker with access to the user’s encrypted data may be able to perform brute-force calculations of encryption keys and thus succeed at decryption.
View Full Alert
Related Posts
CVE-2020-12777A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information. View Full Alert
CVE-2020-10936Sympa before 6.2.56 allows privilege escalation. View Full Alert
CVE-2020-10945Centreon before 19.10.7 exposes Session IDs in server responses. View Full Alert