VYPR

Slock

by Suckless

CVEs (2)

  • CVE-2016-6866HigFeb 15, 2017
    risk 0.49cvss 7.5epss 0.03

    slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash.

  • CVE-2012-1620Jul 12, 2012
    risk 0.00cvss epss 0.01

    slock 0.9 does not properly handle the XRaiseWindow event when the screen is locked, which might allow physically proximate attackers to obtain sensitive information by pressing a button, which reveals the desktop and active windows.