CVE-2006-3946 - Safari Webkit Remote Code Execution
CVE-2007-0033 - MS07-033: Outlook Remote Code Execution
CVE-2008-5457 - Oracle Weblogic Remote Code Execution
CVE-2009-0956 - Apple QuickTime Remote Code Execution
By popular demand:
Practical Code Auditing