GLSA 200409-33 (low) - Apache: Exposure of protected directories
A bug in the way Apache handles the Satisfy directive can lead to the exposure of protected directories to unauthorized users.

GLSA 200409-32 (high) - getmail: Filesystem overwrite vulnerability
getmail contains a vulnerability that could potentially allow any local user to create or overwrite files in any directory on the system. This flaw can be escalated further and possibly lead to a complete system compromise.

GLSA 200409-31 (normal) - jabberd 1.x: Denial of Service vulnerability
The jabberd server was found to be vulnerable to a remote Denial of Service attack.

GLSA 200409-30 (normal) - xine-lib: Multiple vulnerabilities
xine-lib contains several vulnerabilities potentially allowing the execution of arbitrary code.

GLSA 200409-29 (normal) - FreeRADIUS: Multiple Denial of Service vulnerabilities
Multiple Denial of Service vulnerabilities were found and fixed in FreeRADIUS.

GLSA 200409-28 (normal) - GTK+ 2, gdk-pixbuf: Multiple image decoding vulnerabilities
The GdkPixbuf library, which is also included in GTK+ 2, contains several vulnerabilities that could lead to a Denial of Service or the execution of arbitrary code.

GLSA 200409-27 (normal) - glFTPd: Local buffer overflow vulnerability
glFTPd is vulnerable to a local buffer overflow which may allow arbitrary code execution.

GLSA 200409-26 (normal) - Mozilla, Firefox, Thunderbird, Epiphany: New releases fix vulnerabilities
New releases of Mozilla, Epiphany, Mozilla Thunderbird, and Mozilla Firefox fix several vulnerabilities, including the remote execution of arbitrary code.

GLSA 200409-25 (normal) - CUPS: Denial of service vulnerability
A vulnerability in CUPS allows remote attackers to cause a denial of service when sending a carefully-crafted UDP packet to the IPP port.

GLSA 200409-24 (high) - Foomatic: Arbitrary command execution in foomatic-rip filter
The foomatic-rip filter in foomatic-filters contains a vulnerability which may allow arbitrary command execution on the print server.

GLSA 200409-23 (low) - SnipSnap: HTTP response splitting
SnipSnap is vulnerable to HTTP response splitting attacks such as web cache poisoning, cross-user defacement, and cross-site scripting.

GLSA 200409-22 (normal) - phpGroupWare: XSS vulnerability in wiki module
The phpGroupWare software contains a cross site scripting vulnerability in the wiki module.

GLSA 200409-21 (normal) - Apache 2, mod_dav: Multiple vulnerabilities
Several vulnerabilities have been found in Apache 2 and mod_dav for Apache 1.3 which could allow a remote attacker to cause a Denial of Service or a local user to get escalated privileges.

GLSA 200409-20 (normal) - mpg123: Buffer overflow vulnerability
mpg123 decoding routines contain a buffer overflow bug that might lead to arbitrary code execution.

GLSA 200409-19 (high) - Heimdal: ftpd root escalation
Several bugs exist in the Heimdal ftp daemon which could allow a remote attacker to gain root privileges.

GLSA 200409-18 (high) - cdrtools: Local root vulnerability in cdrecord if set SUID root
cdrecord, if manually set SUID root, is vulnerable to a local root exploit allowing users to escalate privileges.

GLSA 200409-17 (high) - SUS: Local root vulnerability
SUS contains a string format bug that could lead to local privilege escalation.

GLSA 200409-16 (normal) - Samba: Denial of Service vulnerabilities
Two Denial of Service vulnerabilities have been found and fixed in Samba.

GLSA 200409-15 (normal) - Webmin, Usermin: Multiple vulnerabilities in Usermin
A vulnerability in the webmail function of Usermin could be used by an attacker to execute shell code via a specially-crafted e-mail. A bug in the installation script of Webmin and Usermin also allows a local user to execute a symlink attack at installation time.

GLSA 200409-14 (low) - Samba: Remote printing non-vulnerability
Samba has a bug with out of sequence print change notification requests, but it cannot be used to perform a remote denial of service attack.