CVE-2020-10256 (command-line, scim)

An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. An insecure random number generator was used to generate various keys. An attacker with access to the user’s encrypted data may be able to perform brute-force calculations of encryption keys and thus succeed at decryption.

View Full Alert

Related Posts

  • CVE-2020-12777

    A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information. View Full Alert

  • CVE-2020-10936

    Sympa before 6.2.56 allows privilege escalation. View Full Alert

  • CVE-2020-10945

    Centreon before 19.10.7 exposes Session IDs in server responses. View Full Alert