No other value can be used in place of display and db.
WordPress just check for value display and convert & and 'quotes to HTML entities (Including all other characters). If you pass db it is just skip this block of code.
However, WordPress recommends to use esc_url_raw() instead of passing third argument.
You can use esc_url_raw() when saving back-end options like theme options or plugin settings and you should always esc_url() in href attribute, browser decodes it very well.