Lucene search
K

55 matches found

Nuclei
Nuclei
added yesterday63 views

WordPress MDC YouTube Downloader 2.1.0 - Local File Inclusion

WordPress MDC YouTube Downloader 2.1.0 plugin is susceptible to local file inclusion. A remote attacker can read arbitrary files via a full pathname in the file parameter to includes/download.php. id: CVE-2015-5469 info: name: WordPress MDC YouTube Downloader 2.1.0 - Local File Inclusion author:...

7.5CVSS7.1AI score0.10148EPSS
Exploits2References5
Snyk
Snyk
added last week4 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview yt-dlp is an A youtube-dl fork with additional features and patches Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via improper validation of input in the --write-link, --write-url-link,...

9CVSS6.3AI score0.0064EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-283 ArchiveBox Vulnerable to RCE via unvalidated per-crawl config overrides in AddView

The /add/ endpoint AddView in core/views.py accepts a config JSON field that gets merged into the crawl config without validation. This config is exported as environment variables when archive plugins run, allowing injection of arbitrary tool arguments to achieve RCE. When PUBLICADDVIEW=True comm...

9.8CVSS6.4AI score0.00404EPSS
Exploits1References5
NVD
NVD
added 2026/01/15 4:16 p.m.6 views

CVE-2021-47775

YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 bytes with SEH manipulation to trigger a...

8.4CVSS0.00148EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/15 3:52 p.m.6 views

EUVD-2026-2763

YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 bytes with SEH manipulation to trigger a...

8.4CVSS7.3AI score0.00148EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/15 3:52 p.m.4 views

CVE-2021-47775

YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 bytes with SEH manipulation to trigger a...

8.4CVSS6.4AI score0.00148EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/15 3:52 p.m.3 views

CVE-2021-47775 YouTube Video Grabber 1.9.9.1 - Buffer Overflow (SEH)

YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 bytes with SEH manipulation to trigger a...

8.4CVSS7.5AI score0.00148EPSS
Exploits0References2
CVE
CVE
added 2026/01/15 3:52 p.m.22 views

CVE-2021-47775

CVE-2021-47775 affects YouTube Video Grabber (also called YouTube Downloader) version 1.9.9.1. The issue is a buffer overflow that allows arbitrary code execution by overwriting the Structured Exception Handler (SEH). An attacker can craft a 712-byte payload with SEH manipulation to trigger a bin...

8.4CVSS7.5AI score0.00148EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.11 views

PT-2026-3050

YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 bytes with SEH manipulation to trigger a...

8.4CVSS7.8AI score0.00148EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/15 12:0 a.m.7 views

LitexMedia YouTube Downloader Buffer Error Vulnerability

LitexMedia YouTube Downloader is a video download tool provided by LitexMedia. Version 1.9.9.1 of LitexMedia YouTube Downloader contains a buffer overflow vulnerability, which may lead to the execution of arbitrary code due to a buffer overflow...

8.4CVSS6.6AI score0.00148EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/08 4:47 p.m.7 views

CVE-2025-62185

In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...

7.8CVSS6.8AI score0.0014EPSS
Exploits0References1
NVD
NVD
added 2025/10/07 9:15 p.m.7 views

CVE-2025-62185

In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...

7.8CVSS0.0014EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2025/10/07 9:15 p.m.5 views

CVE-2025-62185

In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...

7.8CVSS6.8AI score0.0014EPSS
Exploits0References3
CVE
CVE
added 2025/10/07 12:0 a.m.27 views

CVE-2025-62185

In Ankitects Anki prior to 25.02.5, a crafted shared deck can place a YouTube downloader executable (names include youtube-dl.exe, yt-dlp.exe, or yt-dlp_x86.exe) in the media folder. This executable can be run when a YouTube link is present in the deck, enabling potential arbitrary code execution...

7.8CVSS6.4AI score0.0014EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/10/07 12:0 a.m.9 views

CVE-2025-62185

In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...

6.7CVSS0.0014EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/07 12:0 a.m.10 views

PT-2025-41187

Name of the Vulnerable Software and Affected Versions Anki versions prior to 25.02.5 Description A specially designed shared deck can place a YouTube downloader executable in the media folder. This executable is then run when a YouTube link is present within the deck. The executable may be named...

7.8CVSS6.6AI score0.0014EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/10/07 12:0 a.m.3 views

CVE-2025-62185

In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...

6.7CVSS6.4AI score0.0014EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/07 12:0 a.m.7 views

Ankitects Anki 代码问题漏洞

Ankitects Anki is an open source program by the individual developers of Ankitects to help remember information through the use of flash cards. A code issue vulnerability exists in Ankitects Anki versions prior to 25.02.5, which stems from a specially crafted shared deck that can place a YouTube...

7.8CVSS6.9AI score0.0014EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:0 a.m.6 views

EUVD-2025-32879

In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...

6.7CVSS6.3AI score0.0014EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-3303

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00162EPSS
Exploits0References1
Rows per page
Query Builder