Vulnerabilities > Slackware

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-21	CVE-2013-7172	Improper Input Validation vulnerability in Slackware Linux Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges. local low complexity slackware CWE-20	7.8
2019-11-21	CVE-2013-7171	Improper Input Validation vulnerability in Slackware Linux 14.0/14.1 Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges. network low complexity slackware CWE-20 critical	9.8
2019-11-14	CVE-2019-11135	TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. local low complexity opensuse fedoraproject slackware hp intel canonical debian redhat oracle	6.5
2018-05-01	CVE-2018-9336	Double Free vulnerability in multiple products openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. local low complexity openvpn slackware CWE-415	7.8
2018-03-06	CVE-2018-7184	ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. network low complexity ntp synology slackware canonical netapp	7.5
2016-06-09	CVE-2016-4448	Use of Externally-Controlled Format String vulnerability in multiple products Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. network low complexity hp apple xmlsoft redhat slackware oracle tenable mcafee CWE-134 critical	9.8
2007-07-16	CVE-2007-3798	Unchecked Return Value vulnerability in multiple products Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. network low complexity tcpdump canonical debian slackware freebsd apple CWE-252 critical	9.8
2005-02-09	CVE-2004-0940	Incorrect Calculation of Buffer Size vulnerability in multiple products Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. local low complexity openpkg apache slackware hp suse trustix CWE-131	7.8

Vulnerabilities > Slackware {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Slackware"}]}

Vulnerabilities > Slackware