mod_negotiation as shipped with Apache versions 1.3.39 and below, 2.0.61 and below, and 2.2.6 and below suffers from cross site scripting and http response splitting vulnerabilities.
The Level-One WBR-3460A firmware versions 1.00.11 and 1.00.12 suffer from a remote root compromise vulnerability due to unrestricted access via telnetd.
Core Security Technologies Advisory - The vdccm daemon from SynCE version 0.92 is susceptible to a remote command injection vulnerability. Proof of concept code included.