Gentoo Linux Security Advisories

GLSA 200410-18 (normal) - Ghostscript: Insecure temporary file use in multiple scripts
Multiple scripts in the Ghostscript package are vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the script.
GLSA 200410-17 (low) - OpenOffice.org: Temporary files disclosure
OpenOffice.org uses insecure temporary files which could allow a malicious local user to gain knowledge of sensitive information from other users' documents.
GLSA 200410-16 (normal) - PostgreSQL: Insecure temporary file use in make_oidjoins_check
The make_oidjoins_check script, part of the PostgreSQL package, is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility.
GLSA 200410-15 (normal) - Squid: Remote DoS vulnerability
Squid contains a vulnerability in the SNMP module which may lead to a denial of service.
GLSA 200410-14 (high) - phpMyAdmin: Vulnerability in MIME-based transformation system
A vulnerability has been found in the MIME-based transformation system of phpMyAdmin, which may allow remote execution of arbitrary commands if PHP's "safe mode" is disabled.
GLSA 200410-13 (normal) - BNC: Input validation flaw
BNC contains an input validation flaw which might allow a remote attacker to issue arbitrary IRC related commands.
GLSA 200410-12 (low) - WordPress: HTTP response splitting and XSS vulnerabilities
WordPress contains HTTP response splitting and cross-site scripting vulnerabilities.
GLSA 200410-11 (normal) - tiff: Buffer overflows in image decoding
Multiple heap-based overflows have been found in the tiff library image decoding routines, potentially allowing the execution of arbitrary code with the rights of the user viewing a malicious image.
GLSA 200410-10 (low) - gettext: Insecure temporary file handling
The gettext utility is vulnerable to symlink attacks, potentially allowing a local user to overwrite or change permissions on arbitrary files with the rights of the user running gettext, which could be the root user.
GLSA 200410-09 (normal) - LessTif: Integer and stack overflows in libXpm
Multiple vulnerabilities have been discovered in libXpm, which is included in LessTif, that can potentially lead to remote code execution.
GLSA 200410-08 (normal) - ncompress: Buffer overflow
compress and uncompress, which could be used by daemon programs, contain a buffer overflow that could lead to remote execution of arbitrary code with the rights of the daemon process.
GLSA 200410-07 (normal) - ed: Insecure temporary file handling
The ed utility is vulnerable to symlink attacks, potentially allowing a local user to overwrite or change rights on arbitrary files with the rights of the user running ed, which could be the root user.
GLSA 200410-06 (normal) - CUPS: Leakage of sensitive information
CUPS leaks information about user names and passwords when using remote printing to SMB-shared printers which require authentication.
GLSA 200410-05 (high) - Cyrus-SASL: Buffer overflow and SASL_PATH vulnerabilities
Cyrus-SASL contains two vulnerabilities that might allow an attacker to completely compromise the vulnerable system.
GLSA 200410-04 (normal) - PHP: Memory disclosure and arbitrary location file upload
Two bugs in PHP may allow the disclosure of portions of memory and allow remote attackers to upload files to arbitrary locations.
GLSA 200410-03 (high) - NetKit-telnetd: buffer overflows in telnet and telnetd
Buffer overflows exist in the telnet client and daemon provided by netkit-telnetd, which could possibly allow a remote attacker to gain root privileges and compromise the system.
GLSA 200410-02 (normal) - Netpbm: Multiple temporary file issues
Utilities included in old Netpbm versions are vulnerable to multiple temporary file issues, potentially allowing a local attacker to overwrite files with the rights of the user running the utility.
GLSA 200410-01 (normal) - sharutils: Buffer overflows in shar.c and unshar.c
sharutils contains two buffer overflow vulnerabilities that could lead to arbitrary code execution.
GLSA 200409-35 (low) - Subversion: Metadata information leak
An information leak in mod_authz_svn could allow sensitive metadata of protected areas to be leaked to unauthorized users.
GLSA 200409-34 (normal) - X.org, XFree86: Integer and stack overflows in libXpm
libXpm, the X Pixmap library that is a part of the X Window System, contains multiple stack and integer overflows that may allow a carefully-crafted XPM file to crash applications linked against libXpm, potentially allowing the execution of arbitrary code.
