GLSA 200602-14 (normal) - noweb: Insecure temporary file creation
noweb is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.

GLSA 200602-13 (normal) - GraphicsMagick: Format string vulnerability
A vulnerability in GraphicsMagick allows attackers to crash the application and potentially execute arbitrary code.

GLSA 200602-12 (normal) - GPdf: heap overflows in included Xpdf code
GPdf includes vulnerable Xpdf code to handle PDF files, making it vulnerable to the execution of arbitrary code.

GLSA 200602-11 (low) - OpenSSH, Dropbear: Insecure use of system() call
A flaw in OpenSSH and Dropbear allows local users to elevate their privileges via scp.

GLSA 200602-10 (normal) - GnuPG: Incorrect signature verification
Applications relying on GnuPG to authenticate digital signatures may incorrectly believe a signature has been verified.

GLSA 200602-09 (high) - BomberClone: Remote execution of arbitrary code
BomberClone is vulnerable to a buffer overflow which may lead to remote execution of arbitrary code.

GLSA 200602-08 (high) - libtasn1, GNU TLS: Security flaw in DER decoding
A flaw in the parsing of Distinguished Encoding Rules (DER) has been discovered in libtasn1, potentially resulting in the execution of arbitrary code.

GLSA 200602-07 (normal) - Sun JDK/JRE: Applet privilege escalation
Sun's Java Development Kit (JDK) and Java Runtime Environment (JRE) do not adequately constrain applets from privilege escalation and arbitrary code execution.

GLSA 200602-06 (normal) - ImageMagick: Format string vulnerability
A vulnerability in ImageMagick allows attackers to crash the application and potentially execute arbitrary code.

GLSA 200602-05 (normal) - KPdf: Heap based overflow
KPdf includes vulnerable Xpdf code to handle PDF files, making it vulnerable to the execution of arbitrary code.

GLSA 200602-04 (normal) - Xpdf, Poppler: Heap overflow
Xpdf and Poppler are vulnerable to a heap overflow that may be exploited to execute arbitrary code.

GLSA 200602-03 (normal) - Apache: Multiple vulnerabilities
Apache can be exploited for cross-site scripting attacks and is vulnerable to a Denial of Service attack.

GLSA 200602-02 (normal) - ADOdb: PostgresSQL command injection
ADOdb is vulnerable to SQL injections if used in conjunction with a PostgreSQL database.

GLSA 200602-01 (normal) - GStreamer FFmpeg plugin: Heap-based buffer overflow
The GStreamer FFmpeg plugin is vulnerable to a buffer overflow that may be exploited by attackers to execute arbitrary code.

GLSA 200601-17 (normal) - Xpdf, Poppler, GPdf, libextractor, pdftohtml: Heap overflows
Xpdf, Poppler, GPdf, libextractor and pdftohtml are vulnerable to integer overflows that may be exploited to execute arbitrary code.

GLSA 200601-16 (normal) - MyDNS: Denial of Service
MyDNS contains a vulnerability that may lead to a Denial of Service attack.

GLSA 200601-15 (high) - Paros: Default administrator password
Paros's database component is installed without a password, allowing execution of arbitrary system commands.

GLSA 200601-14 (high) - LibAST: Privilege escalation
A buffer overflow in LibAST may result in execution of arbitrary code with escalated privileges.

GLSA 200601-13 (low) - Gallery: Cross-site scripting vulnerability
Gallery is possibly vulnerable to a cross-site scripting attack that could allow arbitrary JavaScript code execution.

GLSA 200601-12 (low) - Trac: Cross-site scripting vulnerability
Trac is vulnerable to a cross-site scripting attack that could allow arbitrary JavaScript code execution.