The open-source e-commerce platform PrestaShop has released a new version that addresses a critical-severity vulnerability allowing any back-office user to write, update, or delete SQL databases regardless of their permissions.
A failure to validate user-supplied data in OpenSSH allows an unauthenticated attacker, by sending specially crafted requests, to upload their private SSH key
A high-severity RCE security flaw has been discovered in the jsonwebtoken library, which is used by 22,000+ open source projects.
Google announces the launch of OSV-Scanner, a free, open-source vulnerability scanner that's designed to identify software exploits.
It's a venerable program, and this version had a venerable bug in it.
The bug was assigned the tracker CVE-2022-41352 in late September. Issued a CVSS severity score of 9.8