GLSA 200502-28 (normal) - PuTTY: Remote code execution
PuTTY was found to contain vulnerabilities that can allow a malicious SFTP server to execute arbitrary code on unsuspecting PSCP and PSFTP clients.

GLSA 200502-27 (normal) - gFTP: Directory traversal vulnerability
gFTP is vulnerable to directory traversal attacks, possibly leading to the creation or overwriting of arbitrary files.

GLSA 200502-26 (normal) - GProFTPD: gprostats format string vulnerability
gprostats, distributed with GProFTPD, is vulnerable to a format string vulnerability, potentially leading to the execution of arbitrary code.

GLSA 200502-25 (normal) - Squid: Denial of Service through DNS responses
Squid contains a bug in the handling of certain DNS responses resulting in a Denial of Service.

GLSA 200502-24 (normal) - Midnight Commander: Multiple vulnerabilities
Midnight Commander contains several format string errors, buffer overflows and one buffer underflow leading to execution of arbitrary code.

GLSA 200502-23 (high) - KStars: Buffer overflow in fliccd
KStars is vulnerable to a buffer overflow that could lead to arbitrary code execution with elevated privileges.

GLSA 200502-22 (normal) - wpa_supplicant: Buffer overflow vulnerability
wpa_supplicant contains a buffer overflow that could lead to a Denial of Service.

GLSA 200502-21 (low) - lighttpd: Script source disclosure
An attacker can trick lighttpd into revealing the source of scripts that should be executed as CGI or FastCGI applications.

GLSA 200502-20 (normal) - Emacs, XEmacs: Format string vulnerabilities in movemail
The movemail utility shipped with Emacs and XEmacs contains several format string vulnerabilities, potentially leading to the execution of arbitrary code.

GLSA 200502-19 (high) - PostgreSQL: Buffer overflows in PL/PgSQL parser
PostgreSQL is vulnerable to several buffer overflows in the PL/PgSQL parser leading to execution of arbitrary code.

GLSA 200502-18 (normal) - VMware Workstation: Untrusted library search path
VMware may load shared libraries from an untrusted, world-writable directory, resulting in the execution of arbitrary code.

GLSA 200502-17 (normal) - Opera: Multiple vulnerabilities
Opera is vulnerable to several vulnerabilities which could result in information disclosure and facilitate execution of arbitrary code.

GLSA 200502-16 (low) - ht://Dig: Cross-site scripting vulnerability
ht://Dig is vulnerable to cross-site scripting attacks.

GLSA 200502-15 (normal) - PowerDNS: Denial of Service vulnerability
A vulnerability in PowerDNS could lead to a temporary Denial of Service.

GLSA 200502-14 (low) - mod_python: Publisher Handler vulnerability
mod_python contains a vulnerability in the Publisher Handler potentially leading to information disclosure.

GLSA 200502-13 (high) - Perl: Vulnerabilities in perl-suid wrapper
Vulnerabilities leading to file overwriting and code execution with elevated privileges have been discovered in the perl-suid wrapper.

GLSA 200502-12 (normal) - Webmin: Information leak in Gentoo binary package
Portage-built Webmin binary packages accidentally include a file containing the local encrypted root password.

GLSA 200502-11 (normal) - Mailman: Directory traversal vulnerability
Mailman fails to properly sanitize input, leading to information disclosure.

GLSA 200502-10 (normal) - pdftohtml: Vulnerabilities in included Xpdf
pdftohtml includes vulnerable Xpdf code to handle PDF files, making it vulnerable to execution of arbitrary code upon converting a malicious PDF file.

GLSA 200502-09 (high) - Python: Arbitrary code execution through SimpleXMLRPCServer
Python-based XML-RPC servers may be vulnerable to remote execution of arbitrary code.