Suckless : Security Vulnerabilities, CVEs,
slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash.
Max CVSS
7.5
EPSS Score
0.81%
Published
2017-02-15
Updated
2017-02-17
slock 0.9 does not properly handle the XRaiseWindow event when the screen is locked, which might allow physically proximate attackers to obtain sensitive information by pressing a button, which reveals the desktop and active windows.
Max CVSS
3.6
EPSS Score
0.06%
Published
2012-07-12
Updated
2017-08-29
surf: cookie jar has read access from other local user
Max CVSS
5.5
EPSS Score
0.04%
Published
2019-11-19
Updated
2020-08-18
3 vulnerabilities found