Every CVE whose affected-product data names Sas Base, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2002-2017 — CVSS 10.0 (critical): sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious…
CVE-2002-2018 — CVSS 7.2 (high): sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a…