The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.
mm/filemap.c in the Linux kernel before 2.6.25 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers an iovec of zero length, followed by a page fault ...
Cisco IOS before 12.2(33)SXI allows local users to cause a denial of service (device reboot).
mailscanner can allow local users to prevent virus signatures from being updated
paxtest handles temporary files insecurely
include/linux/init_task.h in the Linux kernel before 2.6.35 does not prevent signals with a process group ID of zero from reaching the swapper process, which allows local users to cause a denial of se...
Apple Bonjour before 2011 allows a crash via a crafted multicast DNS packet.