You might have realised it already. March 2007 has begun and so has the long awaited Month of PHP Bugs. The initiative is hosted on dedicated servers, because serendipity cannot handle the traffic. You can reach it at http://www.php-security.org.
As of the time of this post, there are currently three bugs posted - two dealing with stack overflows (one in the variable destructor and one in the executor) and a overflow issue in the ZVAL reference counter. Detailed descriptions of the issues are just a click away and, where is it needed, an explain example is provided.