43 matches found
PT-2026-49580
Name of the Vulnerable Software and Affected Versions Angular versions prior to 22.0.1 Angular versions prior to 21.2.17 Angular versions prior to 20.3.25 Description An information disclosure issue exists in the @angular/service-worker package. When the Service Worker fetches assets, it preserve...
MAL-2025-48315 Malicious code in ing-util-analytics6 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0b41060826542b40f0d95751fae347c33c794ec24b60f2efa39ce8b385af059b The OpenSSF Package Analysis project identified 'ing-util-analytics6' @ 15.1.27 npm as malicious. It is considered malicious because: - The...
EUVD-2019-8193
Malware in sbrugna...
EUVD-2019-9196
Malware in sbrugna...
MAL-2025-47865 Malicious code in wide-lib (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f73134e4d528333c8306a8966d02b2302f48a8375f08bfb7529fbc30bbf2b196 Any computer that has this package installed or running should be considered...
Linux Distros Unpatched Vulnerability : CVE-2019-18424
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a...
Malicious code in epic-ue-saleforce-form (npm)
The package communicates with a domain associated with malicious activity...
Error: "The Login is from an Untrusted Domain and Cannot be used with Windows Authentication" Appears when Launching Provisioning Services Console
When launching the Provisioning Services Console, the critical error message appears, “Critical Error A database error occurred. Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.”...
Siemens SIMATIC PCS 安全漏洞
SIMATIC PCS neo is a distributed control system DCS. Siemens SIMATIC PCS neo suffers from a loose cross-domain policy vulnerability with an untrusted domain, which can be exploited by an attacker to trick a legitimate user into triggering unwanted behavior...
Group Office CRM Code Issue Vulnerability
Group Office CRM is a software application. Share projects, calendars, files and emails with colleagues and clients online. Easy to use and fully customizable. A code issue vulnerability exists in Group Office CRM that stems from the presence of a server-side request forgery SSRF vulnerability th...
PVS server cannot logon database with Error "The Login is from an Untrusted Domain and Cannot ..."
PVS server console cannot be launched with error: "The database login failed." SQL server log error: "Login failed. The login is from an untrusted domain and cannot be used with Integrated authentication." "SSPI handshake failed with error code 0x8009030c, state 14 while establishing a connection...
SUSE CVE-2019-18424
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This occurs because passed through PCI devices may corrupt host memory after deassignment. When a PCI device is assigned to...
SUSE CVE-2019-19579
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device and assignable-add is not used, because of an incomplete fix for CVE-2019-18424. XSA-302 relies on the use of libxl's...
The vulnerability in the implementation of the CORS (Cross-Origin Resource Sharing) mechanism in Firefox browsers, Firefox ESR, and the Thunderbird email client allows a hacker to circumvent security restrictions.
The vulnerability of the CORS Cross-Origin Resource Sharing mechanism implementation in Firefox browsers, Firefox ESR, and the Thunderbird email client is related to the inclusion of functions from an unreliable controlled domain. Exploiting this vulnerability allows a malicious actor to bypass...
keycloak: CSRF check missing in My Resources functionality in the Account Console
It was found that Keycloak's account console did not perform adequate header checks in some requests. An attacker could use this flaw to trick an authenticated user into performing operations via request from an untrusted domain...
The vulnerability in web browsers Firefox, Firefox ESR, and the email client Thunderbird, related to the inclusion of functionality from an unreliable controlling domain, allows a perpetrator to compromise data integrity.
The vulnerabilities in web browsers Firefox, Firefox ESR, and the email client Thunderbird are related to the inclusion of features from an unreliable management domain. Exploiting these vulnerabilities allows a remote attacker to compromise data integrity...
SUSE SLES12 Security Update : xen (SUSE-SU-2019:3297-1)
This update for xen fixes the following issues : CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm bsc1158003 XSA-307. CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 bsc1158003 XSA-307. CVE-2019-19583: Fixed improper...
CVE-2019-19579
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device and assignable-add is not used, because of an incomplete fix for CVE-2019-18424. XSA-302 relies on the use of libxl's...
CVE-2019-19579
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device and assignable-add is not used, because of an incomplete fix for CVE-2019-18424. XSA-302 relies on the use of libxl's...
ALPINE-CVE-2019-19579
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device and assignable-add is not used, because of an incomplete fix for CVE-2019-18424. XSA-302 relies on the use of libxl's...