Vulnerabilities > Suckless
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-19 | CVE-2012-0842 | Information Exposure vulnerability in multiple products surf: cookie jar has read access from other local user | 2.1 |
2017-02-15 | CVE-2016-6866 | NULL Pointer Dereference vulnerability in multiple products slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash. | 7.5 |
2012-07-12 | CVE-2012-1620 | Permissions, Privileges, and Access Controls vulnerability in Suckless Slock 0.9 slock 0.9 does not properly handle the XRaiseWindow event when the screen is locked, which might allow physically proximate attackers to obtain sensitive information by pressing a button, which reveals the desktop and active windows. | 3.6 |