Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument.

misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which allows local users to gain privileges.

Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands.

Buffer overflow in Linux splitvt command gives root access to local users.