GLSA 200606-13 (normal) - MySQL: SQL Injection
MySQL is vulnerable to an SQL Injection flaw in the multi-byte encoding process.

GLSA 200606-12 (normal) - Mozilla Firefox: Multiple vulnerabilities
Vulnerabilities in Mozilla Firefox allow privilege escalations for JavaScript code, cross site scripting attacks, HTTP response smuggling and possibly the execution of arbitrary code.

GLSA 200606-11 (normal) - JPEG library: Denial of Service
The JPEG library is vulnerable to a Denial of Service.

GLSA 200606-10 (normal) - Cscope: Many buffer overflows
Cscope is vulnerable to multiple buffer overflows that could lead to the execution of arbitrary code.

GLSA 200606-09 (high) - SpamAssassin: Execution of arbitrary code
SpamAssassin, when running with certain options, could allow local or even remote attackers to execute arbitrary commands, possibly as the root user.

GLSA 200606-08 (high) - WordPress: Arbitrary command execution
WordPress fails to sufficiently check the format of cached username data.

GLSA 200606-07 (high) - Vixie Cron: Privilege Escalation
Vixie Cron allows local users to execute programs as root.

GLSA 200606-06 (high) - AWStats: Remote execution of arbitrary code
AWStats contains a bug in the sanitization of the input parameters which can lead to the remote execution of arbitrary code.

GLSA 200606-05 (low) - Pound: HTTP request smuggling
Pound is vulnerable to HTTP request smuggling, which could be exploited to bypass security restrictions or poison web caches.

GLSA 200606-04 (normal) - Tor: Several vulnerabilities
Tor is vulnerable to a possible buffer overflow, a Denial of Service, information disclosure and information leak.

GLSA 200606-03 (normal) - Dia: Format string vulnerabilities
Format string vulnerabilities in Dia may lead to the execution of arbitrary code.

GLSA 200606-02 (normal) - shadow: Privilege escalation
A security issue in shadow allows a local user to perform certain actions with escalated privileges.

GLSA 200606-01 (normal) - Opera: Buffer overflow
Opera contains an integer signedness error resulting in a buffer overflow which may allow a remote attacker to execute arbitrary code.

GLSA 200605-17 (normal) - libTIFF: Multiple vulnerabilities
Multiple vulnerabilities in libTIFF could lead to the execution of arbitrary code or a Denial of Service.

GLSA 200605-16 (low) - CherryPy: Directory traversal vulnerability
CherryPy is vulnerable to a directory traversal that could allow attackers to read arbitrary files.

GLSA 200605-15 (normal) - Quagga Routing Suite: Multiple vulnerabilities
Quagga's RIP daemon allows the injection of routes and the disclosure of routing information. The BGP daemon is vulnerable to a Denial of Service.

GLSA 200605-14 (normal) - libextractor: Two heap-based buffer overflows
libextractor is vulnerable to two heap overflow vulnerabilities which could lead to the execution of arbitrary code.

GLSA 200605-13 (low) - MySQL: Information leakage
A MySQL server may leak information to unauthorized users.

GLSA 200605-12 (normal) - Quake 3 engine based games: Buffer Overflow
The Quake 3 engine has a vulnerability that could be exploited to execute arbitrary code.

GLSA 200605-11 (normal) - Ruby: Denial of Service
Ruby WEBrick and XMLRPC servers are vulnerable to Denial of Service.