Every CVE whose affected-product data names Cdrtools Cdrecord, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2003-0289 — CVSS 7.2 (high): Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string…
CVE-2004-0806 — CVSS 7.2 (high): cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program…
CVE-2005-0866 — CVSS 2.1 (low): cdrecord before 4:2.0, when DEBUG is enabled, allows local users to overwrite arbitrary files via a symlink attack on temporary files.