EUVD-2015-5786

Malware in sbrugna...

PT-2025-31291 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 macOS versions prior to 14.7.7 macOS versions prior to 13.7.7 Description: An issue existed in the handling of environment variables. The issue was addressed with improved validation. An app may be able to access...

CVE-2024-42474 Streamlit Path Traversal Security Vulnerability on Windows

Streamlit is a data oriented application development framework for python. Snowflake Streamlit open source addressed a security vulnerability via the static file sharing feature. Users of hosted Streamlit apps on Windows were vulnerable to a path traversal vulnerability when the static file shari...

CVE-2022-35918

CVE-2022-35918 affects Streamlit’s Python apps using custom components, enabling a directory traversal that could leak server-file data (e.g., logs, world-readable files). The issue arises from how the streamlit server processes crafted URLs containing file paths. Public analyses consistently not...

New Relic: [NR Insights] Data app permissions setting does not fully prevent other users from modifying/changing changing data related to your data app

In NR Insights, there is the ability to set a permissions for the data app itself. It's located here: F326634 Now, in this section, if a user creates a new data app and sets the permissions to "visible to others within my account" it essentially provides read-only access to the data app and its...

CVE-2017-5217

Installing a zero-permission Android application on certain Samsung Android devices with KK4.4, L5.0/5.1, and M6.0 software can continually crash the systemserver process in the Android OS. The zero-permission app will create an active install session for a separate app that it has embedded withi...