Gentoo Linux Security Advisories

GLSA 200412-05 (normal) - mirrorselect: Insecure temporary file creation
mirrorselect is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.
GLSA 200412-04 (normal) - Perl: Insecure temporary file creation
Perl is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.
GLSA 200412-03 (normal) - imlib: Buffer overflows in image decoding
Multiple overflows have been found in the imlib library image decoding routines, potentially allowing execution of arbitrary code.
GLSA 200412-02 (normal) - PDFlib: Multiple overflows in the included TIFF library
PDFlib is vulnerable to multiple overflows, which can potentially lead to the execution of arbitrary code.
GLSA 200412-01 (normal) - rssh, scponly: Unrestricted command execution
rssh and scponly do not filter command-line options that can be exploited to execute any command, thereby allowing a remote user to completely bypass the restricted shell.
GLSA 200411-38 (normal) - Sun and Blackdown Java: Applet privilege escalation
The Java plug-in security in Sun and Blackdown Java environments can be bypassed to access arbitrary packages, allowing untrusted Java applets to perform unrestricted actions on the host system.
GLSA 200411-37 (high) - Open DC Hub: Remote code execution
Open DC Hub contains a buffer overflow that can be exploited to allow remote code execution.
GLSA 200411-36 (low) - phpMyAdmin: Multiple XSS vulnerabilities
phpMyAdmin is vulnerable to cross-site scripting attacks.
GLSA 200411-35 (low) - phpWebSite: HTTP response splitting vulnerability
phpWebSite is vulnerable to possible HTTP response splitting attacks.
GLSA 200411-34 (high) - Cyrus IMAP Server: Multiple remote vulnerabilities
The Cyrus IMAP Server contains multiple vulnerabilities which could lead to remote execution of arbitrary code.
GLSA 200411-33 (high) - TWiki: Arbitrary command execution
A bug in the TWiki search function allows an attacker to execute arbitrary commands with the permissions of the user running TWiki.
GLSA 200411-32 (high) - phpBB: Remote command execution
phpBB contains a vulnerability which allows a remote attacker to execute arbitrary commands with the rights of the web server user.
GLSA 200411-31 (normal) - ProZilla: Multiple vulnerabilities
ProZilla contains several buffer overflow vulnerabilities that can be exploited by a malicious server to execute arbitrary code with the rights of the user running ProZilla.
GLSA 200411-30 (normal) - pdftohtml: Vulnerabilities in included Xpdf
pdftohtml includes vulnerable Xpdf code to handle PDF files, making it vulnerable to execution of arbitrary code upon converting a malicious PDF file.
GLSA 200411-29 (normal) - unarj: Long filenames buffer overflow and a path traversal vulnerability
unarj contains a buffer overflow and a directory traversal vulnerability. This could lead to overwriting of arbitrary files or the execution of arbitrary code.
GLSA 200411-28 (normal) - X.Org, XFree86: libXpm vulnerabilities
libXpm contains several vulnerabilities that could lead to a Denial of Service and arbitrary code execution.
GLSA 200411-27 (normal) - Fcron: Multiple vulnerabilities
Multiple vulnerabilities in Fcron can allow a local user to potentially cause a Denial of Service.
GLSA 200411-26 (high) - GIMPS, SETI@home, ChessBrain: Insecure installation
Improper file ownership allows user-owned files to be run with root privileges by init scripts.
GLSA 200411-25 (low) - SquirrelMail: Encoded text XSS vulnerability
SquirrelMail fails to properly sanitize user input, which could lead to a compromise of webmail accounts.
GLSA 200411-24 (high) - BNC: Buffer overflow vulnerability
BNC contains a buffer overflow vulnerability that may lead to Denial of Service and execution of arbitrary code.
