Gentoo Linux Security Advisories
GLSA 200501-42 (normal) - VDR: Arbitrary file overwriting issue
VDR insecurely accesses files with elevated privileges, which may result in the overwriting of arbitrary files.
GLSA 200501-41 (high) - TikiWiki: Arbitrary command execution
A bug in TikiWiki allows certain users to upload and execute malicious PHP scripts.
GLSA 200501-40 (high) - ngIRCd: Buffer overflow
ngIRCd is vulnerable to a buffer overflow that can be used to crash the daemon and possibly execute arbitrary code.
GLSA 200501-39 (high) - SquirrelMail: Multiple vulnerabilities
SquirrelMail fails to properly sanitize user input, which could lead to arbitrary code execution and compromise webmail accounts.
GLSA 200501-38 (normal) - Perl: rmtree and DBI tmpfile vulnerabilities
The Perl DBI library and File::Path::rmtree function are vulnerable to symlink attacks.
GLSA 200501-37 (normal) - GraphicsMagick: PSD decoding heap overflow
GraphicsMagick is vulnerable to a heap overflow when decoding Photoshop Document (PSD) files, which could lead to arbitrary code execution.
GLSA 200501-36 (high) - AWStats: Remote code execution
AWStats fails to validate certain input, which could lead to the remote execution of arbitrary code or to the leak of information.
GLSA 200501-35 (high) - Evolution: Integer overflow in camel-lock-helper
An overflow in the camel-lock-helper application can be exploited by an attacker to execute arbitrary code with elevated privileges.
GLSA 200501-34 (normal) - Konversation: Various vulnerabilities
Konversation contains multiple vulnerabilities that could lead to remote command execution or information leaks.
GLSA 200501-33 (normal) - MySQL: Insecure temporary file creation
MySQL is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.
GLSA 200501-32 (normal) - KPdf, KOffice: Stack overflow in included Xpdf code
KPdf and KOffice both include vulnerable Xpdf code to handle PDF files, making them vulnerable to the execution of arbitrary code.
GLSA 200501-31 (normal) - teTeX, pTeX, CSTeX: Multiple vulnerabilities
teTeX, pTeX and CSTeX make use of vulnerable Xpdf code which may allow the remote execution of arbitrary code. Furthermore, the xdvizilla script is vulnerable to temporary file handling issues.
GLSA 200501-30 (normal) - CUPS: Stack overflow in included Xpdf code
CUPS includes Xpdf code and therefore is vulnerable to the recent stack overflow issue, potentially resulting in the remote execution of arbitrary code.
GLSA 200501-29 (low) - Mailman: Cross-site scripting vulnerability
Mailman is vulnerable to cross-site scripting attacks.
GLSA 200501-28 (normal) - Xpdf, GPdf: Stack overflow in Decrypt::makeFileKey2
A stack overflow was discovered in Xpdf, potentially resulting in the execution of arbitrary code. GPdf includes Xpdf code and therefore is vulnerable to the same issue.
GLSA 200501-27 (high) - Ethereal: Multiple vulnerabilities
Multiple vulnerabilities exist in Ethereal, which may allow an attacker to run arbitrary code, crash the program or perform DoS by CPU and disk utilization.
GLSA 200501-26 (normal) - ImageMagick: PSD decoding heap overflow
ImageMagick is vulnerable to a heap overflow when decoding Photoshop Document (PSD) files, which could lead to arbitrary code execution.
GLSA 200501-25 (normal) - Squid: Multiple vulnerabilities
Squid contains vulnerabilities in the code handling NTLM (NT LAN Manager), Gopher to HTML, ACLs and WCCP (Web Cache Communication Protocol) which could lead to ACL bypass, denial of service and arbitrary code execution.
GLSA 200501-24 (normal) - tnftp: Arbitrary file overwriting
tnftp fails to validate filenames when downloading files, making it vulnerable to arbitrary file overwriting.
GLSA 200501-23 (high) - Exim: Two buffer overflows
Buffer overflow vulnerabilities, which could lead to arbitrary code execution, have been found in the handling of IPv6 addresses as well as in the SPA authentication mechanism in Exim.