Shinyzenith - Security Researcher - Exploit Intelligence Platform

CVE-2022-27815 WRITEUP HIGH WRITEUP

swhkd < 1.2.0 - Denial of Service via /tmp/swhkd.pid Symlink

SWHKD 1.1.5 unsafely uses the /tmp/swhkd.pid pathname. There can be an information leak or denial of service.

CVSS 7.8

View Code

CVE-2022-27816 WRITEUP HIGH WRITEUP

swhkd < 1.2.0 - Denial of Service via Unsafe /tmp/swhks.pid Handling

SWHKD 1.1.5 unsafely uses the /tmp/swhks.pid pathname. There can be data loss or a denial of service.

CVSS 7.1

View Code

CVE-2022-27818 WRITEUP CRITICAL WRITEUP

swhkd < 1.2.0 - Exposure of Resource to Wrong Sphere via /tmp/swhkd.sock

SWHKD 1.1.5 unsafely uses the /tmp/swhkd.sock pathname. There can be an information leak or denial of service.

CVSS 9.1

View Code

CVE-2022-27819 WRITEUP MEDIUM WRITEUP

swhkd 1.1.5 - Denial of Service via Unsafe File Parsing

SWHKD 1.1.5 allows unsafe parsing via the -c option. An information leak might occur but there is a simple denial of service (memory exhaustion) upon an attempt to parse a large or infinite file (such as a block or character device).

CVSS 5.3

View Code