2005-06-18 gzip -- directory traversal and permission race vulnerabilities
tcpdump -- infinite loops in protocol decoding
2005-06-17 fd_set -- bitmap index overflow in multiple applications
gaim -- MSN Remote DoS vulnerability
gaim -- Yahoo! remote crash vulnerability
gallery -- cross-site scripting
gallery -- remote code injection via HTTP_POST_VARS
kstars -- exploitable set-user-ID application fliccd
2005-06-09 leafnode -- denial of service vulnerability
2005-06-03 gforge -- directory traversal vulnerability
imap-uw -- authentication bypass when CRAM-MD5 is enabled
racoon -- remote denial-of-service
squid -- denial-of-service vulnerabilities
xli -- integer overflows in image size calculations
xloadimage -- arbitrary command execution when handling compressed files
xloadimage -- buffer overflow in FACES image handling
yamt -- buffer overflow and directory traversal issues
2005-06-01 linux_base -- vulnerabilities in Red Hat 7.1 libraries
mailman -- generated passwords are poor quality
mailman -- password disclosure
squirrelmail -- XSS and remote code injection vulnerabilities
sympa -- buffer overflow in "queue"
tomcat -- Tomcat Manager cross-site scripting
xtrlock -- X display locking bypass
xview -- multiple buffer overflows in xv_parse_one
2005-05-29 fswiki -- XSS problem in file upload form
2005-05-22 freeradius -- sql injection and denial of service vulnerability
oops -- format string vulnerability
ppxp -- local root exploit
2005-05-19 cdrdao -- unspecified privilege escalation vulnerability
squid -- DNS lookup spoofing vulnerability
squid -- possible abuse of cachemgr.cgi
2005-05-14 gaim -- MSN remote DoS vulnerability
gaim -- remote crash on some protocols
2005-05-13 kernel -- information disclosure when using HTT
leafnode -- fetchnews denial-of-service triggered by transmission abort/timeout
2005-05-12 mozilla -- "Wrapped" javascript
: urls bypass security checks
mozilla -- privilege escalation via non-DOM property overrides
2005-05-11 mozilla -- code execution via javascript
: IconURL vulnerability
2005-05-09 groff -- groffer uses temporary files unsafely
groff -- pic2graph and eqn2graph are vulnerable to symlink attack through temporary files
2005-05-01 coppermine -- IP spoofing and XSS vulnerability
rsnapshot -- local privilege escalation
sharutils -- unshar insecure temporary file creation