CVE-2025-62185

In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...

CVE-2025-62186

Ankitects Anki before 25.02.5 allows a crafted shared deck on Windows to execute arbitrary commands when playing audio because of URL scheme mishandling...

CVE-2025-62187

In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux media file pathnames are not necessarily relative to the media folder...

CVE-2025-62187

In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux media file pathnames are not necessarily relative to the media folder...

CVE-2025-62187

In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux media file pathnames are not necessarily relative to the media folder...

CVE-2025-62186

Ankitects Anki before 25.02.5 allows a crafted shared deck on Windows to execute arbitrary commands when playing audio because of URL scheme mishandling...

CVE-2025-62186

Ankitects Anki before 25.02.5 allows a crafted shared deck on Windows to execute arbitrary commands when playing audio because of URL scheme mishandling...

CVE-2025-62185

In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...

CVE-2025-62185

In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...

Ankitects Anki 安全漏洞

Ankitects Anki is an open source program by the individual developers of Ankitects to help remember information through the use of flash cards. A security vulnerability exists in Ankitects Anki versions prior to 25.02.6, which stems from a specially crafted sound file reference that could result ...

EUVD-2025-32877

In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux media file pathnames are not necessarily relative to the media folder...

CVE-2025-62187

In Ankitects Anki prior to 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux because media file pathnames are not necessarily relative to the media folder. The vulnerability affects the media handling component and arises from impro...

Ankitects Anki 安全漏洞

Ankitects Anki is an open source program by the individual developers of Ankitects to help memorize information through the use of flash cards. A security vulnerability exists in Ankitects Anki versions prior to 25.02.5, which stems from improper handling of the URL scheme and could lead to the...

CVE-2025-62186

Ankitects Anki before 25.02.5 allows a crafted shared deck on Windows to execute arbitrary commands when playing audio because of URL scheme mishandling...

EUVD-2025-32878

Ankitects Anki before 25.02.5 allows a crafted shared deck on Windows to execute arbitrary commands when playing audio because of URL scheme mishandling...

CVE-2025-62186

Ankitects Anki before 25.02.5 allows a crafted shared deck on Windows to execute arbitrary commands when playing audio because of URL scheme mishandling...

CVE-2025-62187

In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux media file pathnames are not necessarily relative to the media folder...

EUVD-2025-32879

In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...

CVE-2025-62185

In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...

Ankitects Anki 代码问题漏洞

Ankitects Anki is an open source program by the individual developers of Ankitects to help remember information through the use of flash cards. A code issue vulnerability exists in Ankitects Anki versions prior to 25.02.5, which stems from a specially crafted shared deck that can place a YouTube...