Security
Headlines
HeadlinesLatestCVEs

Tag

#pdf

Canadian Eyecare Firm Care1 Exposes 2.2TB of Patient Records

Another day, another healthcare database misconfiguration exposing sensitive patient information.

HackRead
#web#git#intel#pdf#auth
Bitcoin ATM Giant Byte Federal Hit by Hackers, 58,000 Users Impacted

SUMMARY Byte Federal, the US’s largest Bitcoin ATM operator offering around 1,200 Bitcoin ATMs across the country, recently…

Telecom Giant BT Group Hit by Black Basta Ransomware

BT Group, a major telecommunications firm, has been hit by a ransomware attack from the Black Basta group. The attack targeted the company's Conferencing division, leading to server shutdowns and potential data theft.

GHSA-4cx5-89vm-833x: veraPDF CLI has potential XXE (XML External Entity Injection) vulnerability

### Impact Executing policy checks using custom schematron files via the CLI invokes an XSL transformation that may theoretically lead to a remote code execution (RCE) vulnerability. ### Patches We are currently working on a patch that will be released when ready. ### Workarounds This doesn't affect the standard validation and policy checks functionality, veraPDF's common use cases. Most veraPDF users don't insert any custom XSLT code into policy profiles, which are based on Schematron syntax rather than direct XSL transforms. For users who do, only load custom policy files from sources you trust. ### References Original issue: #1488

A week in security (November 25 – December 1)

A list of topics we covered in the week of November 25 to December 1 of 2024

Data broker exposes 600,000 sensitive files including background checks

A researcher has discovered a data broker had stored 644,869 PDF files in a publicly accessible cloud storage container.

GHSA-rmv2-8jjc-23xw: TCPDF Local File Inclusion vulnerability

Local File Inclusion (LFI) vulnerability has been discovered in TCPDF 6.7.5. This vulnerability enables a user to read arbitrary files from the server's file system through <img> src tag, potentially exposing sensitive information.

Schneider Electric PowerLogic PM55xx and PowerLogic PM8ECC

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: PowerLogic PM5500 and PowerLogic PM8ECC Vulnerabilities: Weak Password Recovery Mechanism for Forgotten Password, Improper Authentication 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in an attacker gaining escalated privileges and obtaining control of the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of PowerLogic PM55xx power metering devices and PowerLogic PM8ECC ethernet communication module are affected: PM5560: Versions prior to v2.7.8 PM5561: Versions prior to v10.7.3 PM5562: v2.5.4 and prior PM5563: Versions prior to v2.7.8 PM8ECC: All versions 3.2 Vulnerability Overview 3.2.1 WEAK PASSWORD RECOVERY MECHANISM FOR FORGOTTEN PASSWORD CWE-640 The affected product is vulnerable due to weak password recovery mechanisms, which may allow an attacker to gain unauthorized access and potential...

Schneider Electric PowerLogic P5

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: PowerLogic P5 Vulnerability: Use of a Broken or Risky Cryptographic Algorithm 2. RISK EVALUATION If an attacker has physical access to the device, it is possible to reboot the device, cause a denial of service condition, or gain full control of the relay by abusing a specially crafted reset token. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Schneider Electric reports the following products are affected: Schneider Electric PowerLogic P5: Versions 01.500.104 and prior 3.2 Vulnerability Overview 3.2.1 USE OF A BROKEN OR RISKY CRYPTOGRAPHIC ALGORITHM CWE-327 A vulnerability exists, which could cause denial of service, a device reboot, or an attacker to gain full control of the relay. When a specially-crafted reset token is entered into the front panel of the device, an exploit exists due to the device's utilization of a risky cryptographic algorithm. CVE-2024-5559 has been assig...