smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation.

This module crashes the target machine producing a blue screen by sending a specially crafted SMB packet

Integard Pro is prone to a buffer-overflow vulnerability when handling a crafted POST packet.

Citrix Application Delivery Controller (ADC) and Gateway are prone to a directory traversal vulnerability that allows attackers to upload an XML file via newbm.pl and execute system commands.

This can be exploited to execute arbitrary code with System privileges. It is working until KB4497727 and KB4495666 for Windows 10 x64 v1903

The vulnerability was a buffer overflow in Viper RGB driver.

The vulnerability allows read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, by mapping \Device\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection.

An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.

The srv2.sys driver exposes functionality that allows remote users to write arbitrary memory via specially crafted packet and gain the ability to execute code on the target server.