GLSA 200412-09 (high) - ncpfs: Buffer overflow in ncplogin and ncpmap
ncpfs is vulnerable to a buffer overflow that could lead to local execution of arbitrary code with elevated privileges.

GLSA 200412-08 (high) - nfs-utils: Multiple remote vulnerabilities
Multiple vulnerabilities have been discovered in nfs-utils that could lead to a Denial of Service, or the execution of arbitrary code.

GLSA 200412-07 (normal) - file: Arbitrary code execution
The code for parsing ELF headers in file contains a flaw which may allow an attacker to execute arbitrary code.

GLSA 200412-06 (normal) - PHProjekt: setup.php vulnerability
PHProjekt contains a vulnerability in the setup procedure allowing remote users without admin rights to change the configuration.

GLSA 200412-05 (normal) - mirrorselect: Insecure temporary file creation
mirrorselect is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.

GLSA 200412-04 (normal) - Perl: Insecure temporary file creation
Perl is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.

GLSA 200412-03 (normal) - imlib: Buffer overflows in image decoding
Multiple overflows have been found in the imlib library image decoding routines, potentially allowing execution of arbitrary code.

GLSA 200412-02 (normal) - PDFlib: Multiple overflows in the included TIFF library
PDFlib is vulnerable to multiple overflows, which can potentially lead to the execution of arbitrary code.

GLSA 200412-01 (normal) - rssh, scponly: Unrestricted command execution
rssh and scponly do not filter command-line options that can be exploited to execute any command, thereby allowing a remote user to completely bypass the restricted shell.

GLSA 200411-38 (normal) - Sun and Blackdown Java: Applet privilege escalation
The Java plug-in security in Sun and Blackdown Java environments can be bypassed to access arbitrary packages, allowing untrusted Java applets to perform unrestricted actions on the host system.

GLSA 200411-37 (high) - Open DC Hub: Remote code execution
Open DC Hub contains a buffer overflow that can be exploited to allow remote code execution.

GLSA 200411-36 (low) - phpMyAdmin: Multiple XSS vulnerabilities
phpMyAdmin is vulnerable to cross-site scripting attacks.

GLSA 200411-35 (low) - phpWebSite: HTTP response splitting vulnerability
phpWebSite is vulnerable to possible HTTP response splitting attacks.

GLSA 200411-34 (high) - Cyrus IMAP Server: Multiple remote vulnerabilities
The Cyrus IMAP Server contains multiple vulnerabilities which could lead to remote execution of arbitrary code.

GLSA 200411-33 (high) - TWiki: Arbitrary command execution
A bug in the TWiki search function allows an attacker to execute arbitrary commands with the permissions of the user running TWiki.

GLSA 200411-32 (high) - phpBB: Remote command execution
phpBB contains a vulnerability which allows a remote attacker to execute arbitrary commands with the rights of the web server user.

GLSA 200411-31 (normal) - ProZilla: Multiple vulnerabilities
ProZilla contains several buffer overflow vulnerabilities that can be exploited by a malicious server to execute arbitrary code with the rights of the user running ProZilla.

GLSA 200411-30 (normal) - pdftohtml: Vulnerabilities in included Xpdf
pdftohtml includes vulnerable Xpdf code to handle PDF files, making it vulnerable to execution of arbitrary code upon converting a malicious PDF file.

GLSA 200411-29 (normal) - unarj: Long filenames buffer overflow and a path traversal vulnerability
unarj contains a buffer overflow and a directory traversal vulnerability. This could lead to overwriting of arbitrary files or the execution of arbitrary code.

GLSA 200411-28 (normal) - X.Org, XFree86: libXpm vulnerabilities
libXpm contains several vulnerabilities that could lead to a Denial of Service and arbitrary code execution.