Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code via a large maxnum value in an ioctl request.

PHP remote file inclusion vulnerability in end.php in ask_rave 0.9 PR, and other versions before 0.9b, allows remote attackers to execute arbitrary PHP code via a URL in the footfile parameter. This vulnerability is addressed in the following product