CVSS: 10.0EPSS: 2%CPEs: 42EXPL: 0CVE-2016-4448 – libxml2: Format string vulnerability
https://notcve.org/view.php?id=CVE-2016-4448
27 May 2016 — Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. Vulnerabilidad de formato de cadena en libxml2 en versiones anteriores a 2.9.4 permite a atacantes tener un impacto no especificado a través de especificadores de formato de cadena en vectores desconocidos. It was discovered that libxml2 incorrectly handled format strings. If a user or automated system were tricked into opening a specially crafted document, an atta... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 3CVE-2000-0438 – S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2000-0438
22 May 2000 — Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter. • https://www.exploit-db.com/exploits/19952 •
CVSS: 7.5EPSS: 4%CPEs: 11EXPL: 1CVE-1999-0746 – SuSE Linux 6.2 / Slackware Linux 3.2/3.6 - 'identd' Denial of Service
https://notcve.org/view.php?id=CVE-1999-0746
16 Aug 1999 — A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service. • https://www.exploit-db.com/exploits/19463 •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 1CVE-1999-0433 – X11R6 3.3.3 - Symlink
https://notcve.org/view.php?id=CVE-1999-0433
21 Mar 1999 — XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. • https://www.exploit-db.com/exploits/19257 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-1999-1422
https://notcve.org/view.php?id=CVE-1999-1422
02 Jan 1999 — The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users. • http://marc.info/?l=bugtraq&m=91540043023167&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-1999-1434 – Slackware Linux 3.5 - '/etc/group' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-1999-1434
13 Jul 1998 — login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to any local user who logs on to the server. • https://www.exploit-db.com/exploits/19122 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-1999-1445
https://notcve.org/view.php?id=CVE-1999-1445
02 Feb 1998 — Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords. • http://marc.info/?l=bugtraq&m=88637951600184&w=2 •
CVSS: 10.0EPSS: 6%CPEs: 14EXPL: 2CVE-1999-0192 – RedHat Linux 6.0 / Slackware Linux 4.0 - Termcap 'tgetent()' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-0192
18 Oct 1997 — Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable. • https://www.exploit-db.com/exploits/19464 •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-1999-1095
https://notcve.org/view.php?id=CVE-1999-1095
06 Oct 1997 — sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort. • http://marc.info/?l=bugtraq&m=87619953510834&w=2 •