Aggregates CVE and security vulnerability intelligence across all waycrate-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk path handling and vendor risk denial of service, with potential vendor impact file overwrite across vendor surface production workloads and vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-27817 | SWHKD 1.1.5 consumes the keyboard events of unintended users. This could potentially cause an information leak, but is usually a denial of functionality. | [email protected] | 4.4 | 0.07% | 2022-04-14 | 2024-11-21 |
| CVE-2022-27814 | SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option. | [email protected] | 3.3 | 0.14% | 2022-04-14 | 2024-11-21 |
| CVE-2022-27819 | SWHKD 1.1.5 allows unsafe parsing via the -c option. An information leak might occur but there is a simple denial of service (memory exhaustion) upon an attempt to parse a large or infinite file (such as a block or character device). | [email protected] | 5.3 | 0.22% | 2022-04-07 | 2024-11-21 |
| CVE-2022-27818 | SWHKD 1.1.5 unsafely uses the /tmp/swhkd.sock pathname. There can be an information leak or denial of service. | [email protected] | 9.1 | 0.49% | 2022-04-07 | 2024-11-21 |
| CVE-2022-27816 | SWHKD 1.1.5 unsafely uses the /tmp/swhks.pid pathname. There can be data loss or a denial of service. | [email protected] | 7.1 | 0.12% | 2022-03-30 | 2024-11-21 |
| CVE-2022-27815 | SWHKD 1.1.5 unsafely uses the /tmp/swhkd.pid pathname. There can be an information leak or denial of service. | [email protected] | 7.8 | 0.10% | 2022-03-30 | 2024-11-21 |