77 matches found
CVE-2026-2241
A denial of service flaw was found in janet-lang. A local attacker can exploit a vulnerability in the os_strftime function by manipulating input, which causes an out-of-bounds read. This issue can lead to a Denial of Service (DoS), making the system unresponsive or unavailable. Mitigation Mitigation...
CVE-2026-2241 janet-lang janet os.c os_strftime out-of-bounds
A vulnerability was found in janet-lang janet up to 1.40.1. This affects the function os_strftime of the file src/core/os.c. Performing a manipulation results in an out-of-bounds read. The attack must be initiated from a local position. The exploit has been made public and could be used. The patch is...
MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.302.b08-0.el7 (AXSA:2021-2241:09)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2241:09 advisory. OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) (CVE-2021-2388) OpenJDK: FTP PASV command response can cause FtpClient t...
EUVD-2026-2241
In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIG_X86 is set. Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing (SVA). In an SVA context, an...
CVE-2019-2241
While rendering the layout background, the error status check is not caught properly and incorrect status handling is done, leading to unintended SUI behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer...
EUVD-2013-2731
Malware in sbrugna...
CVE-2020-2241
A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials...
CVE-2013-2798
Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL-3530 RTAC master devices allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line...
CVE-2025-2241
A flaw was found in Hive, a component of Multicluster Engine (MCE) and Advanced Cluster Management (ACM). This vulnerability causes VCenter credentials to be exposed in the ClusterProvision object after provisioning a VSphere cluster. Users with read access to ClusterProvision objects can extract...
CVE-2025-2241
creationtimestamp | type | source
---|---|---
2025-03-17 16:47:33+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/7796
2025-03-17 17:48:32+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114179028571344368
2025-03-17 19:05:50+00:00 | seen | ...
CVE-2025-2241 Hive: exposure of vcenter credentials via clusterprovision in hive / mce / acm
A flaw was found in Hive, a component of Multicluster Engine (MCE) and Advanced Cluster Management (ACM). This vulnerability causes VCenter credentials to be exposed in the ClusterProvision object after provisioning a VSphere cluster. Users with read access to ClusterProvision objects can extract...
CVE-2025-2241 Hive: exposure of vcenter credentials via clusterprovision in hive / mce / acm
A flaw was found in Hive, a component of Multicluster Engine (MCE) and Advanced Cluster Management (ACM). This vulnerability causes VCenter credentials to be exposed in the ClusterProvision object after provisioning a VSphere cluster. Users with read access to ClusterProvision objects can extract...
CVE-2025-2241
A flaw was found in Hive, a component of Multicluster Engine (MCE) and Advanced Cluster Management (ACM). This vulnerability causes VCenter credentials to be exposed in the ClusterProvision object after provisioning a VSphere cluster. Users with read access to ClusterProvision objects can extract...
CVE-2024-2241
CVE-2024-2241 affects Devolutions Workspace (versions up to and including 2024.1.0). The vulnerability is due to improper access control in the user interface, allowing an authenticated user to perform unintended actions through specific permissions. The Red Hat/NVD entries corroborate the same d...
Amazon Linux 2 : OpenEXR (ALAS-2023-2241)
The version of OpenEXR installed on the remote host is prior to 1.7.1-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2241 advisory. There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted...
SUSE CVE-2023-2241
A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to th...
CVE-2023-2241
creationtimestamp | type | source
---|---|---
2023-04-22 20:32:44+00:00 | seen | https://t.me/cibsecurity/62661
2025-02-06 02:41:38+00:00 | seen | Telegram/Y0mlAfYTJ5haSEIb8E9e3vKrtXfmWJXXrjUWp4L2W21uiDGx...
CVE-2023-2241
The CVE-2023-2241 vulnerability affects PoDoFo 0.10.0, specifically the readXRefStreamEntry function in PdfXRefStreamParserObject.cpp, causing a heap-based buffer overflow. The issue requires local access to exploit, and public exploits/PoC have been disclosed. A patch is identified (535a786f124b73...
CVE-2023-2241 PoDoFo PdfXRefStreamParserObject.cpp readXRefStreamEntry heap-based overflow
A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to th...
SUSE CVE-2020-2241
A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials...