Vulnerabilities > Suckless

DATE CVE VULNERABILITY TITLE RISK
2019-11-19 CVE-2012-0842 Information Exposure vulnerability in multiple products
surf: cookie jar has read access from other local user
local
low complexity
suckless debian CWE-200
2.1
2017-02-15 CVE-2016-6866 NULL Pointer Dereference vulnerability in multiple products
slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash.
network
low complexity
suckless fedoraproject CWE-476
7.5
2012-07-12 CVE-2012-1620 Permissions, Privileges, and Access Controls vulnerability in Suckless Slock 0.9
slock 0.9 does not properly handle the XRaiseWindow event when the screen is locked, which might allow physically proximate attackers to obtain sensitive information by pressing a button, which reveals the desktop and active windows.
local
low complexity
suckless CWE-264
3.6