GLSA 200604-14 (normal) - Dia: Arbitrary code execution through XFig import
Buffer overflows in Dia's XFig import could allow remote attackers to execute arbitrary code.

GLSA 200604-13 (normal) - fbida: Insecure temporary file creation
fbida is vulnerable to linking attacks, potentially allowing a local user to overwrite arbitrary files.

GLSA 200604-12 (normal) - Mozilla Firefox: Multiple vulnerabilities
Several vulnerabilities in Mozilla Firefox allow attacks ranging from execution of script code with elevated privileges to information leaks.

GLSA 200604-11 (high) - Crossfire server: Denial of Service and potential arbitrary code execution
The Crossfire game server is vulnerable to a Denial of Service and potentially to the execution of arbitrary code.

GLSA 200604-10 (normal) - zgv, xzgv: Heap overflow
xzgv and zgv attempt to decode JPEG images within the CMYK/YCCK colour space incorrectly, potentially resulting in the execution of arbitrary code.

GLSA 200604-09 (normal) - Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service
Cyrus-SASL contains a vulnerability in the DIGEST-MD5 process that could lead to a Denial of Service.

GLSA 200604-08 (normal) - libapreq2: Denial of Service vulnerability
A vulnerability has been reported in libapreq2 which could lead to a Denial of Service.

GLSA 200604-07 (high) - Cacti: Multiple vulnerabilities in included ADOdb
Multiple vulnerabilities have been discovered in the ADOdb layer included in Cacti, potentially resulting in the execution of arbitrary code.

GLSA 200604-06 (high) - ClamAV: Multiple vulnerabilities
ClamAV contains multiple vulnerabilities that could lead to remote execution of arbitrary code or cause an application crash.

GLSA 200604-05 (high) - Doomsday: Format string vulnerability
Format string vulnerabilities in Doomsday may lead to the execution of arbitrary code.

GLSA 200604-04 (normal) - Kaffeine: Buffer overflow
Kaffeine is vulnerable to a buffer overflow that could lead to the execution of arbitrary code.

GLSA 200604-03 (normal) - FreeRADIUS: Authentication bypass in EAP-MSCHAPv2 module
The EAP-MSCHAPv2 module of FreeRADIUS is affected by a validation issue which causes some authentication checks to be bypassed.

GLSA 200604-02 (high) - Horde Application Framework: Remote code execution
The help viewer of the Horde Framework allows attackers to execute arbitrary remote code.

GLSA 200604-01 (low) - MediaWiki: Cross-site scripting vulnerability
MediaWiki is vulnerable to a cross-site scripting attack that could allow arbitrary JavaScript code execution.

GLSA 200603-26 (normal) - bsd-games: Local privilege escalation in tetris-bsd
tetris-bsd is prone to local privilege escalation vulnerabilities.

GLSA 200603-25 (normal) - OpenOffice.org: Heap overflow in included libcurl
OpenOffice.org contains a vulnerable version of libcurl that may cause a heap overflow when parsing URLs.

GLSA 200603-24 (normal) - RealPlayer: Buffer overflow vulnerability
RealPlayer is vulnerable to a buffer overflow that could lead to remote execution of arbitrary code.

GLSA 200603-23 (normal) - NetHack, Slash'EM, Falcon's Eye: Local privilege escalation
NetHack, Slash'EM and Falcon's Eye are vulnerable to local privilege escalation vulnerabilities that could potentially allow the execution of arbitrary code as other users.

GLSA 200603-22 (normal) - PHP: Format string and XSS vulnerabilities
Multiple vulnerabilities in PHP allow remote attackers to inject arbitrary HTTP headers, perform cross site scripting or in some cases execute arbitrary code.

GLSA 200603-21 (high) - Sendmail: Race condition in the handling of asynchronous signals
Sendmail is vulnerable to a race condition which could lead to the execution of arbitrary code with sendmail privileges.