CVE-2025-1241

Encrypted values in Fortra's GoAnywhere MFT prior to version 7.10.0 and GoAnywhere Agents prior to version 2.2.0 utilize a static IV which allows admin users to brute-force decryption of data...

RHEL 8 : resource-agents (RHSA-2026:1241)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1241 advisory. The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with severa...

CVE-2026-1241

Pelco Sarix Professional 3 Series IP Cameras expose an authentication bypass via their web management interface. The CVE notes insufficient enforcement of access controls, enabling some functionality to be accessed without authentication and potentially allowing unauthorized viewing of live video...

CVE-2026-1241

creationtimestamp| type| source ---|---|--- 2026-02-26 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-057-02 2026-02-26 20:53:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfs3bb2wv72e...

CVE-2024-1241

CVE-2024-1241 affects Watchdog Antivirus v1.6.415. The vulnerability allows a Denial of Service by triggering the 0x80002014 IOCTL in the wsdk-driver.sys driver, leading to availability impact (CVSS 3.1 indicates Availability Impact = High). Existing connected sources corroborate the DoS effect a...

CVE-2015-1241

creationtimestamp| type| source ---|---|--- 2024-01-26 21:16:28+00:00| seen| https://t.me/ctinow/174483...

GHSA-9WH7-397J-722M Ironic and ironic-inspector may expose as ConfigMaps

Impact Ironic and ironic-inspector deployed within Baremetal Operator using the included deploy.sh store their .htpasswd files as ConfigMaps instead of Secrets. This causes the plain-text username and hashed password to be readable by anyone having a cluster-wide read-access to the management...

CVE-2023-30841 Ironic and ironic-inspector deployed within Baremetal Operator may expose as ConfigMaps

Baremetal Operator BMO is a bare metal host provisioning integration for Kubernetes. Prior to version 0.3.0, ironic and ironic-inspector deployed within Baremetal Operator using the included deploy.sh store their .htpasswd files as ConfigMaps instead of Secrets. This causes the plain-text usernam...

CVE-2023-1241

creationtimestamp| type| source ---|---|--- 2023-03-07 12:13:39+00:00| seen| https://t.me/cibsecurity/59555 2025-03-06 17:34:38+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6718...

CVE-2023-1241

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2023-1241 Cross-site Scripting (XSS) - Stored in answerdev/answer

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2023-1241

CVE-2023-1241 is a stored XSS vulnerability in the open‑source knowledge base software answerdev/answer, affecting versions prior to 1.0.6. The issue arises when user-supplied input is stored and later rendered without proper sanitization, enabling script execution in a victim’s browser. Public r...

SUSE CVE-2015-1241

Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack...

CVE-2022-1241

creationtimestamp| type| source ---|---|--- 2022-06-08 14:45:46+00:00| seen| https://t.me/cibsecurity/43999...

CVE-2022-1241

The Ask me WordPress theme before 6.8.2 does not properly sanitise and escape several of the fields in the Edit Profile page, leading to Reflected Cross-Site Scripting issues...

CVE-2022-1241

CVE-2022-1241 affects the WordPress Ask Me premium theme prior to version 6.8.2, where the Edit Profile page fails to properly sanitize and escape several fields, enabling Reflected Cross-Site Scripting (XSS). The vulnerability is documented across multiple sources (CVE records, CVE lists, and pa...

CVE-2022-1241 Ask Me < 6.8.2 - Reflected Cross-Site Scripting

The Ask me WordPress theme before 6.8.2 does not properly sanitise and escape several of the fields in the Edit Profile page, leading to Reflected Cross-Site Scripting issues...

SUSE: Security Advisory (SUSE-SU-2019:1241-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1241-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1241-1)

This update for qemu fixes the following issues : Fix OOB access in sm501 device emulation CVE-2020-12829, bsc1172385 Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation CVE-2020-13362, bsc1172383 Fix use-after-free in usb xhci packet handling CVE-2020-25723, bsc1178934 Fix use-after-fre...