
A few notes:
Due to incorrect PKCS#1 v1.5 padding validation in OpenSSL, it is possible for an attacker to construct an invalid signature which OpenSSL would accept as a valid PKCS#1 v1.5 signature. CVE-2006-4339
Two Denial of Service issues have been found with BIND. An attacker who can perform recursive lookups on a DNS server and is able to send a sufficiently large number of recursive queries, or is able to get the DNS server to return more than one SIG(covered) RRsets can stop the functionality of the DNS service. An attacker querying an authoritative DNS server serving a RFC 2535 DNSSEC zone may be able to crash the DNS server. CVE-2006-4095, CVE-2006-4096
Due to the failure to correctly validate LCP configuration option lengths, it is possible for an attacker to send LCP packets via an sppp(4) connection causing the kernel to panic. CVE-2006-4304
Advertisers pay to post details about their "opportunity," specifying, among other things, how they want bloggers to write about, say, a new shoe, if they want photos to be included, and whether they'll pay only for positive mentions. Bloggers who abide by the rules get paid; heavily trafficked blogs may command premium rates.