Slackware: >> Slackware Linux >> 13.0 Security Vulnerabilities
openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-05-01
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
CVSS Score
7.8
EPSS Score
0.707
Published
2013-07-29
Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
CVSS Score
10.0
EPSS Score
0.012
Published
2004-08-18
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."
CVSS Score
2.1
EPSS Score
0.001
Published
2004-08-18
Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
CVSS Score
5.0
EPSS Score
0.01
Published
2004-08-18
Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.
CVSS Score
2.1
EPSS Score
0.002
Published
2004-08-18
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-11-14
Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords.
CVSS Score
7.5
EPSS Score
0.006
Published
1995-03-01