GHSA-CFPH-4QQH-W828 Arbitrary remote file read in Wrangler dev server

Impact Sending specially crafted HTTP requests and inspector messages to Wrangler's dev server could result in any file on the user's computer being accessible over the local network. An attacker that could trick any user on the local network into opening a malicious website could also read any...

CVE-2023-25582

Two OS command injection vulnerabilities exist in the zebra vlanname functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is in the code branch...

isc-dhcpd.exploit.txt

Somebody at OpenBSD discovered a possible root exploit in the ISC DHCP client. I can confirm that as of 6:23am on June 23rd after several hours of hacking around the sources I had the following dhcpd config running on my own machine's private network for testing: shared-network LOCAL-NET option...