GLSA 200507-04 (normal) - RealPlayer: Heap overflow vulnerability
RealPlayer is vulnerable to a heap overflow that could lead to remote execution of arbitrary code.

GLSA 200507-03 (high) - phpBB: Arbitrary command execution
A vulnerability in phpBB allows a remote attacker to execute arbitrary commands with the rights of the web server.

GLSA 200507-02 (high) - WordPress: Multiple vulnerabilities
WordPress contains PHP script injection, cross-site scripting and path disclosure vulnerabilities.

GLSA 200507-01 (high) - PEAR XML-RPC, phpxmlrpc: PHP script injection vulnerability
The PEAR XML-RPC and phpxmlrpc libraries allow remote attackers to execute arbitrary PHP script commands.

GLSA 200506-24 (high) - Heimdal: Buffer overflow vulnerabilities
Multiple buffer overflow vulnerabilities in Heimdal's telnetd server could allow the execution of arbitrary code.

GLSA 200506-23 (normal) - Clam AntiVirus: Denial of Service vulnerability
Clam AntiVirus is vulnerable to a Denial of Service attack when processing certain Quantum archives.

GLSA 200506-22 (normal) - sudo: Arbitrary command execution
A vulnerability in sudo may allow local users to elevate privileges.

GLSA 200506-21 (normal) - Trac: File upload vulnerability
Trac may allow remote attackers to upload files, possibly leading to the execution of arbitrary code.

GLSA 200506-20 (high) - Cacti: Several vulnerabilities
Cacti is vulnerable to several SQL injection, authentication bypass and file inclusion vulnerabilities.

GLSA 200506-19 (low) - SquirrelMail: Several XSS vulnerabilities
Squirrelmail is vulnerable to several cross-site scripting vulnerabilities which could lead to a compromise of webmail accounts.

GLSA 200506-18 (low) - Tor: Information disclosure
A flaw in Tor may allow the disclosure of arbitrary memory portions.

GLSA 200506-17 (normal) - SpamAssassin 3, Vipul's Razor: Denial of Service vulnerability
SpamAssassin and Vipul's Razor are vulnerable to a Denial of Service attack when handling certain malformed messages.

GLSA 200506-16 (normal) - cpio: Directory traversal vulnerability
cpio contains a flaw which may allow a specially crafted cpio archive to extract files to an arbitrary directory.

GLSA 200506-15 (high) - PeerCast: Format string vulnerability
PeerCast suffers from a format string vulnerability that could allow arbitrary code execution.

GLSA 200506-14 (normal) - Sun and Blackdown Java: Applet privilege escalation
Sun's and Blackdown's JDK or JRE may allow untrusted applets to elevate their privileges.

GLSA 200506-13 (normal) - webapp-config: Insecure temporary file handling
The webapp-config utility insecurely creates temporary files in a world writable directory, potentially allowing the execution of arbitrary commands.

GLSA 200506-12 (low) - MediaWiki: Cross-site scripting vulnerability
MediaWiki is vulnerable to a cross-site scripting attack that could allow arbitrary scripting code execution.

GLSA 200506-11 (normal) - Gaim: Denial of Service vulnerabilities
Gaim contains two remote Denial of Service vulnerabilities.

GLSA 200506-10 (normal) - LutelWall: Insecure temporary file creation
LutelWall is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.

GLSA 200506-09 (normal) - gedit: Format string vulnerability
gedit suffers from a format string vulnerability that could allow arbitrary code execution.