Tag
## Summary

A vulnerability exists in the file update mechanism which allows an unauthenticated actor to modify existing files with arbitrary contents (without the changes being applied to the files' database-resident metadata) and / or upload new files with arbitrary content and extensions, which won't show up in the Directus UI.

## Details

Directus exposes the CRUD operations for uploading or handling files under the `/files` route. The endpoint handler is responsible for updating an existing file identified by the primary key provided through the `pk` parameter. Primary keys are UUID values such as `/files/927b3abf-fb4b-4c66-bdaa-eb7dc48a51cb`. Because the `filename_disk` value is never sanitized, it is possible to pass a path containing traversal sequences (`../`) through it, but a fully arbitrary file write is not possible when the "local" storage handler is used. (Other storage implementations haven't been checked during the research process.) The `packages/storage-drive...
Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.
Nearly a million records, which appear to be linked to a medical-cannabis-card company in Ohio, included Social Security numbers, government IDs, health conditions, and more.
Citizen Lab’s new report, Hidden Links, uncovers a network of VPN providers like Turbo VPN and VPN Monster…
The UK’s South Yorkshire Police lost 96,000 bodycam videos in a data transfer mishap, impacting 126 cases. Poor…
Morphisec warns of a new Noodlophile Stealer variant spread via fake copyright phishing emails, using Dropbox links and…
NIST has released a concept paper for new control overlays to secure AI systems, built on the SP…
Cisco Talos researchers have discovered a dangerous new malware framework called PS1Bot. Active since early 2025, this sophisticated…
### Impact

An attacker who uses this vulnerability can craft a PDF that exhausts the available RAM. Merely reading the file is enough when a series of FlateDecode filters is applied to a malicious cross-reference stream. Other content streams are affected on explicit access.

### Patches

This has been fixed in [pypdf==6.0.0](https://github.com/py-pdf/pypdf/releases/tag/6.0.0).

### Workarounds

If you cannot upgrade yet, you might want to implement the workaround for `pypdf.filters.decompress` yourself: https://github.com/py-pdf/pypdf/blob/0dd57738bbdcdb63f0fb43d8a6b3d222b6946595/pypdf/filters.py#L72-L143

### References

This issue has been reported in #3429 and fixed in #3430.
Cisco Talos has observed an ongoing malware campaign that seeks to infect victims with a multi-stage malware framework, implemented in PowerShell and C#, which we are referring to as “PS1Bot.”