Security
Headlines
HeadlinesLatestCVEs

Latest News

GHSA-rrgf-hcr9-jq6h: TinyScientist has Path Traversal Vulnerability in PDF Review Function (CWE-22)

## Description A critical path traversal vulnerability (CWE-22) has been identified in the `review_paper` function in `backend/app.py`. The vulnerability allows malicious users to access arbitrary PDF files on the server by providing crafted file paths that bypass the intended security restrictions. ## Impact This vulnerability allows attackers to: - Read any PDF file accessible to the server process - Potentially access sensitive documents outside the intended directory - Perform reconnaissance on the server's file system structure ## Vulnerable Code The issue occurs in the `review_paper` function around line 744: ```python if pdf_path.startswith("/api/files/"): # Safe path handling for API routes relative_path = pdf_path[len("/api/files/"):] generated_base = os.path.join(project_root, "generated") absolute_pdf_path = os.path.join(generated_base, relative_path) else: absolute_pdf_path = pdf_path # VULNERABLE: Direct use of user input ``` ## Proof of Concept ``...

ghsa
Open in Source
#vulnerability#js#pdf
Hackers Leak 9GB of Data from Alleged North Korean Hacker’s Computer

Hackers release 9GB of stolen files from the computer of an alleged North Korean hacker, revealing tools, logs,…

Online portal exposed car and personal data, allowed anyone to remotely unlock cars

A carmaker has been found to be open to leaking vehicle data and customer information through their dealership portal.

⚡ Weekly Recap: BadCam Attack, WinRAR 0-Day, EDR Killer, NVIDIA Flaws, Ransomware Attacks & More

This week, cyber attackers are moving quickly, and businesses need to stay alert. They’re finding new weaknesses in popular software and coming up with clever ways to get around security. Even one unpatched flaw could let attackers in, leading to data theft or even taking control of your systems. The clock is ticking—if defenses aren’t updated regularly, it could lead to serious damage. The

6 Lessons Learned: Focusing Security Where Business Value Lives

The Evolution of Exposure Management Most security teams have a good sense of what’s critical in their environment. What’s harder to pin down is what’s business-critical. These are the assets that support the processes the business can’t function without. They’re not always the loudest or most exposed. They’re the ones tied to revenue, operations, and delivery. If one goes down, it’s more than a

North Korean Group ScarCruft Expands From Spying to Ransomware Attacks

North Korean hackers ScarCruft shift from spying to ransomware, using VCD malware in phishing attacks, targeting South Korea…

What Does Palantir Actually Do?

Palantir is often called a data broker, a data miner, or a giant database of personal information. In reality, it’s none of these—but even former employees struggle to explain it.

Inside the Multimillion-Dollar Gray Market for Video Game Cheats

Gaming cheats are the bane of the video game industry—and a hot commodity. A recent study found that cheat creators are making a fortune from gamers looking to gain a quick edge.

GHSA-pwq7-2gvj-vg9v: Keras safe mode bypass vulnerability

A safe mode bypass vulnerability in the `Model.load_model` method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted `.keras` model archive.