GLSA 200606-21 (normal) - Mozilla Thunderbird: Multiple vulnerabilities
Several vulnerabilities in Mozilla Thunderbird allow cross site scripting, JavaScript privilege escalation and possibly execution of arbitrary code.

GLSA 200606-20 (high) - Typespeed: Remote execution of arbitrary code
A buffer overflow in the network code of Typespeed can lead to the execution of arbitrary code.

GLSA 200606-19 (normal) - Sendmail: Denial of Service
Faulty multipart MIME messages can cause forked Sendmail processes to crash.

GLSA 200606-18 (normal) - PAM-MySQL: Multiple vulnerabilities
Vulnerabilities in PAM-MySQL can lead to a Denial of Service, making it impossible to log into a machine.

GLSA 200606-17 (normal) - OpenLDAP: Buffer overflow
The OpenLDAP replication server slurpd contains a buffer overflow that could result in arbitrary code execution.

GLSA 200606-16 (high) - DokuWiki: PHP code injection
A flaw in DokuWiki's spell checker allows for the execution of arbitrary PHP commands, even without proper authentication.

GLSA 200606-15 (high) - Asterisk: IAX2 video frame buffer overflow
Asterisk contains a bug in the IAX2 channel driver making it vulnerable to the remote execution of arbitrary code.

GLSA 200606-14 (high) - GDM: Privilege escalation
An authentication error in GDM could allow users to gain elevated privileges.

GLSA 200606-13 (normal) - MySQL: SQL Injection
MySQL is vulnerable to an SQL Injection flaw in the multi-byte encoding process.

GLSA 200606-12 (normal) - Mozilla Firefox: Multiple vulnerabilities
Vulnerabilities in Mozilla Firefox allow privilege escalations for JavaScript code, cross site scripting attacks, HTTP response smuggling and possibly the execution of arbitrary code.

GLSA 200606-11 (normal) - JPEG library: Denial of Service
The JPEG library is vulnerable to a Denial of Service.

GLSA 200606-10 (normal) - Cscope: Many buffer overflows
Cscope is vulnerable to multiple buffer overflows that could lead to the execution of arbitrary code.

GLSA 200606-09 (high) - SpamAssassin: Execution of arbitrary code
SpamAssassin, when running with certain options, could allow local or even remote attackers to execute arbitrary commands, possibly as the root user.

GLSA 200606-08 (high) - WordPress: Arbitrary command execution
WordPress fails to sufficiently check the format of cached username data.

GLSA 200606-07 (high) - Vixie Cron: Privilege Escalation
Vixie Cron allows local users to execute programs as root.

GLSA 200606-06 (high) - AWStats: Remote execution of arbitrary code
AWStats contains a bug in the sanitization of the input parameters which can lead to the remote execution of arbitrary code.

GLSA 200606-05 (low) - Pound: HTTP request smuggling
Pound is vulnerable to HTTP request smuggling, which could be exploited to bypass security restrictions or poison web caches.

GLSA 200606-04 (normal) - Tor: Several vulnerabilities
Tor is vulnerable to a possible buffer overflow, a Denial of Service, information disclosure and information leak.

GLSA 200606-03 (normal) - Dia: Format string vulnerabilities
Format string vulnerabilities in Dia may lead to the execution of arbitrary code.

GLSA 200606-02 (normal) - shadow: Privilege escalation
A security issue in shadow allows a local user to perform certain actions with escalated privileges.