GLSA 200909-14 (normal) - Horde: Multiple vulnerabilities
Multiple vulnerabilities have been discovered in Horde and two modules, allowing for the execution of arbitrary code, information disclosure, or Cross-Site Scripting.

GLSA 200909-13 (high) - irssi: Execution of arbitrary code
A remotely exploitable off-by-one error leading to a heap overflow was found in irssi which might result in the execution of arbitrary code.

GLSA 200909-12 (normal) - HTMLDOC: User-assisted execution of arbitrary code
Multiple insecure calls to the sscanf() function in HTMLDOC might result in the execution of arbitrary code.

GLSA 200909-11 (normal) - GCC-XML: Insecure temporary file usage
An insecure temporary file usage has been reported in GCC-XML allowing for symlink attacks.

GLSA 200909-10 (normal) - LMBench: Insecure temporary file usage
Multiple insecure temporary file usage issues have been reported in LMBench, allowing for symlink attacks.

GLSA 200909-09 (normal) - Screenie: Insecure temporary file usage
An insecure temporary file usage has been reported in Screenie, allowing for symlink attacks.

GLSA 200909-08 (normal) - C* music player: Insecure temporary file usage
An insecure temporary file usage has been reported in the C* music player, allowing for symlink attacks.

GLSA 200909-07 (normal) - TkMan: Insecure temporary file usage
An insecure temporary file usage has been reported in TkMan, allowing for symlink attacks.

GLSA 200909-06 (normal) - aMule: Parameter injection
An input validation error in aMule enables remote attackers to pass arbitrary parameters to a victim's media player.

GLSA 200909-05 (normal) - Openswan: Denial of Service
Multiple vulnerabilities in the pluto IKE daemon of Openswan might allow remote attackers to cause a Denial of Service.

GLSA 200909-04 (normal) - Clam AntiVirus: Multiple vulnerabilities
Multiple vulnerabilities in ClamAV allow for the remote execution of arbitrary code or Denial of Service.

GLSA 200909-03 (normal) - Apache Portable Runtime, APR Utility Library: Execution of arbitrary code
Multiple integer overflows in the Apache Portable Runtime and its Utility Library might allow for the remote execution of arbitrary code.

GLSA 200909-02 (normal) - libvorbis: User-assisted execution of arbitrary code
A processing error in libvorbis might result in the execution of arbitrary code or a Denial of Service.

GLSA 200909-01 (normal) - Linux-PAM: Privilege escalation
An error in the handling of user names of Linux-PAM might allow remote attackers to cause a Denial of Service or escalate privileges.

GLSA 200908-10 (normal) - Dillo: User-assisted execution of arbitrary code
An integer overflow in the PNG handling of Dillo might result in the remote execution of arbitrary code.

GLSA 200908-09 (high) - DokuWiki: Local file inclusion
An input sanitation error in DokuWiki might lead to the dislosure of local files or even the remote execution of arbitrary code.

GLSA 200908-08 (normal) - ISC DHCP: dhcpd Denial of Service
dhcpd as included in the ISC DHCP implementation does not properly handle special conditions, leading to a Denial of Service.

GLSA 200908-07 (normal) - Perl Compress::Raw modules: Denial of Service
An off-by-one error in Compress::Raw::Zlib and Compress::Raw::Bzip2 might lead to a Denial of Service.

GLSA 200908-06 (normal) - CDF: User-assisted execution of arbitrary code
Multiple heap-based buffer overflows in CDF might result in the execution of arbitrary code.

GLSA 200908-05 (high) - Subversion: Remote execution of arbitrary code
Multiple integer overflows, leading to heap-based buffer overflows in the Subversion client and server might allow remote attackers to execute arbitrary code.