
This bug only applied to grub authentication, which isn't a widely used feature. And you could achieve the same result with boot from disk/USB if that is enabled.

The vuln doesn't give you access to the actual accounts on the computer.





But the Windows 95 login was just for logging into the network, not the computer

I think that if you hit Cancel there it would work just as well. You wouldn't get it logged into the domain though


Yes - from what I recall there was not even a pretense of security. Everything was just unencrypted FAT (VFAT rather than FAT32) and if you logged in as one user all other users' data was clearly visible - it was just a means to have your own user workspace and customisations applied. Windows 95 and everything up to (not including) XP was a toy OS for home users ... If you wanted "grown up" features you had to go for NT.


Oh dear, I remember something similar was possible on iOS lockscreen multiple times. What version of Windows was that?


95. 98 had an even better one... just hitting cancel on some login boxes would let you in.


I believe that was by design: the dialog was an opportunity to authenticate with the domain. If you just wanted local access you could hit cancel. Remember Win9x was not a secure OS itself.


Pretty sure I've seen a similar trick on XP or later as well. (I learned it from someone I didn't meet until long after I last saw a 95/98/2000 machine.)



!WARNING! - This now redirects to an image of a hairy testicle. I think the site owner noticed the traffic and put in a redirect.


It's been that way for years (i.e. visitors from HN get redirected).


Ah you are right, should have experimented with that.


Heh just saw/posted the same. I think you’re right - jwz being a little trolly.


wtf. Clicking your link brought me to http://i.imgur.com/rG0p0b2.gif somehow. jwz doing a referrer troll?? Anyone else see this?


Probably Referer check, copy-pasting the URL works.



I remember an article somewhere about these kinds of bugs. A lot of medical hardware/software combos are/can be compromised. And here comes the problem: do you disclose the vulnerabilities since it means potentially killing people? How long do you wait before manufacturers acknowledge and fix the problem (and they often don't)?

So yeah, these types of vulnerabilities are very very scary.



