Read Time:15 Second

FEDORA-2023-dad0295b25

Packages in this update:

xen-4.16.3-3.fc36

use OVMF.fd from new edk2-ovmf-xen package as ovmf.bin file
built from edk2-ovmf package no longer supports xen (#2170930)

x86: Cross-Thread Return Address Predictions [XSA-426, CVE-2022-27672]

Posted by Andrey Stoykov on Apr 23 # Exploit Title: Business Logic Flaw: Price Manipulation - alegrocartv1.2.9 # Date: 04/2025...

Posted by Andrey Stoykov on Apr 23 # Exploit Title: Stored XSS in "Message" Functionality - alegrocartv1.2.9 # Date: 04/2025...

Posted by Andrey Stoykov on Apr 23 # Exploit Title: XSS via SVG Image Upload - alegrocartv1.2.9 # Date: 04/2025...

Posted by Housma mardini on Apr 23 Hi Full Disclosure, I'd like to share a local privilege escalation technique involving...

It was discovered that the libarchive bsdunzip utility incorrectly handled certain ZIP archive files. If a user or automated system...

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...