CVE-2005-0764

Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote attackers to execute arbitrary code via a crafted file containing long escape sequences.

CVE-2004-2215

RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges.