2 matches found
CVE-2016-6866
CVE-2016-6866 affects the screen-locker slock. A null pointer dereference can occur when verifying a password for a user with an invalid shadow hash entry, caused by calling crypt(3) and using its return value in strcmp(3) without checking for NULL. This can lead to a crash and potential local im...
CVE-2012-1620
CVE-2012-1620 affects slock 0.9. The issue is that the XRaiseWindow event is not handled correctly when the screen is locked, which may allow a physically proximate attacker to reveal the desktop and active windows by pressing a button. The impact described is partial disclosure of information. T...