CVE-2015-3138

print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).

CVE-2016-5759

The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root.