GLSA 200501-22 (high) - poppassd_pam: Unauthorized password changing
poppassd_pam allows anyone to change any user's password without authenticating the user first.

GLSA 200501-21 (normal) - HylaFAX: hfaxd unauthorized login vulnerability
HylaFAX is subject to a vulnerability in its username matching code, potentially allowing remote users to bypass access control lists.

GLSA 200501-20 (normal) - o3read: Buffer overflow during file conversion
A buffer overflow in o3read allows an attacker to execute arbitrary code by way of a specially crafted XML file.

GLSA 200501-19 (normal) - imlib2: Buffer overflows in image decoding
Multiple overflows have been found in the imlib2 library image decoding routines, potentially allowing the execution of arbitrary code.

GLSA 200501-18 (normal) - KDE FTP KIOslave: Command injection
The FTP KIOslave contains a bug allowing users to execute arbitrary FTP commands.

GLSA 200501-17 (normal) - KPdf, KOffice: More vulnerabilities in included Xpdf
KPdf and KOffice both include vulnerable Xpdf code to handle PDF files, making them vulnerable to the execution of arbitrary code if a user is enticed to view a malicious PDF file.

GLSA 200501-16 (normal) - Konqueror: Java sandbox vulnerabilities
The Java sandbox environment in Konqueror can be bypassed to access arbitrary packages, allowing untrusted Java applets to perform unrestricted actions on the host system.

GLSA 200501-15 (normal) - UnRTF: Buffer overflow
A buffer overflow in UnRTF allows an attacker to execute arbitrary code by way of a specially crafted RTF file.

GLSA 200501-14 (normal) - mpg123: Buffer overflow
An attacker may be able to execute arbitrary code by way of specially crafted MP2 or MP3 files.

GLSA 200501-13 (normal) - pdftohtml: Vulnerabilities in included Xpdf
pdftohtml includes vulnerable Xpdf code to handle PDF files, making it vulnerable to execution of arbitrary code upon converting a malicious PDF file.

GLSA 200501-12 (high) - TikiWiki: Arbitrary command execution
A bug in TikiWiki allows certain users to upload and execute malicious PHP scripts.

GLSA 200501-11 (normal) - Dillo: Format string vulnerability
Dillo is vulnerable to a format string bug, which may result in the execution of arbitrary code.

GLSA 200501-10 (normal) - Vilistextum: Buffer overflow vulnerability
Vilistextum is vulnerable to a buffer overflow that allows an attacker to execute arbitrary code through the use of a malicious webpage.

GLSA 200501-09 (normal) - xzgv: Multiple overflows
xzgv contains multiple overflows that may lead to the execution of arbitrary code.

GLSA 200501-08 (normal) - phpGroupWare: Various vulnerabilities
Multiple vulnerabilities have been discovered in phpGroupWare that could lead to information disclosure or remote compromise.

GLSA 200501-07 (normal) - xine-lib: Multiple overflows
xine-lib contains multiple overflows potentially allowing execution of arbitrary code.

GLSA 200501-06 (normal) - tiff: New overflows in image decoding
An integer overflow has been found in the TIFF library image decoding routines and the tiffdump utility, potentially allowing arbitrary code execution.

GLSA 200501-05 (high) - mit-krb5: Heap overflow in libkadm5srv
The MIT Kerberos 5 administration library (libkadm5srv) contains a heap overflow that could lead to execution of arbitrary code.

GLSA 200501-04 (normal) - Shoutcast Server: Remote code execution
Shoutcast Server contains a possible buffer overflow that could lead to the execution of arbitrary code.

GLSA 200501-03 (normal) - Mozilla, Firefox, Thunderbird: Various vulnerabilities
Various vulnerabilities were found and fixed in Mozilla-based products, ranging from a potential buffer overflow and temporary files disclosure to anti-spoofing issues.