5 matches found
EUVD-2025-11537
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-43703
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Ankitects Anki through 25.02. A crafted shared deck can result in attacker- controlled access to the internal API even though the...
CVE-2025-43703
An issue was discovered in Ankitects Anki through 25.02. A crafted shared deck can result in attacker-controlled access to the internal API even though the attacker has no knowledge of an API key through approaches such as scripts or the SRC attribute of an IMG element. NOTE: this issue exists...
CVE-2024-32484
An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted flashcard can lead to JavaScript code execution and result in an arbitrary file read. An attacker can share a malicious flashcard to trigger this vulnerability...
CVE-2024-32484
An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted flashcard can lead to JavaScript code execution and result in an arbitrary file read. An attacker can share a malicious flashcard to trigger this vulnerability...