DSA-5404 chromium - security update

Read Time:7 Second

Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.

Business Logic Flaw: Price Manipulation – AlegroCartv1.2.9

Posted by Andrey Stoykov on Apr 23 # Exploit Title: Business Logic Flaw: Price Manipulation - alegrocartv1.2.9 # Date: 04/2025...

April 24, 2025

Stored XSS in “Message” Functionality – AlegroCartv1.2.9

Posted by Andrey Stoykov on Apr 23 # Exploit Title: Stored XSS in "Message" Functionality - alegrocartv1.2.9 # Date: 04/2025...

April 24, 2025

XSS via SVG Image Upload – AlegroCartv1.2.9

Posted by Andrey Stoykov on Apr 23 # Exploit Title: XSS via SVG Image Upload - alegrocartv1.2.9 # Date: 04/2025...

April 24, 2025

BBOT 2.1.0 – Local Privilege Escalation via Malicious Module Execution

Posted by Housma mardini on Apr 23 Hi Full Disclosure, I'd like to share a local privilege escalation technique involving...

April 24, 2025

USN-7454-1: libarchive vulnerabilities

It was discovered that the libarchive bsdunzip utility incorrectly handled certain ZIP archive files. If a user or automated system...

April 23, 2025

USN-7453-1: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

April 23, 2025

Smashing Security podcast #414: Zoom.. just one click and your data goes boom!

DOGE Worker’s Code Supports NLRB Whistleblower

Regulating AI Behavior with a Hypervisor

Verizon’s DBIR Reveals 34% Jump in Vulnerability Exploitation

FBI Reveals “Staggering” $16.6bn Lost to Cybercrime in 2024

Vulnerability Exploitation and Credential Theft Now Top Initial Access Vectors

US Data Breach Victim Count Surges 26% Annually

M&S Grapples with Cyber Incident Affecting In-Store Services

Dutch Warn of “Whole of Society” Russian Cyber-Threat

DSA-5404 chromium – security update

Business Logic Flaw: Price Manipulation – AlegroCartv1.2.9

Stored XSS in “Message” Functionality – AlegroCartv1.2.9

XSS via SVG Image Upload – AlegroCartv1.2.9

BBOT 2.1.0 – Local Privilege Escalation via Malicious Module Execution

USN-7454-1: libarchive vulnerabilities

USN-7453-1: Linux kernel (Real-time) vulnerabilities