Waycrate: Security Vulnerabilities
SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option.
CVSS Score
3.3
EPSS Score
0.001
Published
2022-04-14
SWHKD 1.1.5 consumes the keyboard events of unintended users. This could potentially cause an information leak, but is usually a denial of functionality.
CVSS Score
4.4
EPSS Score
0.001
Published
2022-04-14
SWHKD 1.1.5 unsafely uses the /tmp/swhkd.sock pathname. There can be an information leak or denial of service.
CVSS Score
9.1
EPSS Score
0.005
Published
2022-04-07
SWHKD 1.1.5 allows unsafe parsing via the -c option. An information leak might occur but there is a simple denial of service (memory exhaustion) upon an attempt to parse a large or infinite file (such as a block or character device).
CVSS Score
5.3
EPSS Score
0.002
Published
2022-04-07
SWHKD 1.1.5 unsafely uses the /tmp/swhks.pid pathname. There can be data loss or a denial of service.
CVSS Score
7.1
EPSS Score
0.001
Published
2022-03-30
SWHKD 1.1.5 unsafely uses the /tmp/swhkd.pid pathname. There can be an information leak or denial of service.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-03-30