Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2024-29073

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An vulnerability in the handling of Latex exists in Ankitects Anki 24.04. When Latex is sanitized to prevent unsafe commands, the verbatim package, which comes...

6.5CVSS5.7AI score0.11512EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2024/07/23 2:21 a.m.3 views

SUSE CVE-2024-32484

An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted flashcard can lead to JavaScript code execution and result in an arbitrary file read. An attacker can share a malicious flashcard to trigger this vulnerability...

8.2CVSS7.1AI score0.25924EPSS
Exploits1References3
NVD
NVD
added 2024/07/22 3:15 p.m.43 views

CVE-2024-32484

An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted flashcard can lead to JavaScript code execution and result in an arbitrary file read. An attacker can share a malicious flashcard to trigger this vulnerability...

8.2CVSS0.25924EPSS
Exploits1References2
OSV
OSV
added 2024/07/22 3:15 p.m.3 views

DEBIAN-CVE-2024-26020

An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...

8.8CVSS6.2AI score0.15067EPSS
Exploits1References1
OSV
OSV
added 2024/07/22 3:15 p.m.12 views

CVE-2024-26020

An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...

8.8CVSS7.3AI score
Exploits0References2
Cvelist
Cvelist
added 2024/07/22 2:20 p.m.30 views

CVE-2024-29073

An vulnerability in the handling of Latex exists in Ankitects Anki 24.04. When Latex is sanitized to prevent unsafe commands, the verbatim package, which comes installed by default in many Latex distributions, has been overlooked. A specially crafted flashcard can lead to an arbitrary file read. ...

5.3CVSS0.11512EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/22 2:20 p.m.38 views

CVE-2024-26020

An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...

9.6CVSS0.15067EPSS
Exploits1References1
CVE
CVE
added 2024/07/22 2:20 p.m.76 views

CVE-2024-32484

Affected product: Ankitects Anki (entries reference Anki up to 25.02). The connected documents indicate CVE-2025-43703 describes an incomplete fix for CVE-2024-32484, resulting in attacker‑controlled access to the internal API via crafted decks/SRC attributes, effectively enabling scripted access...

8.2CVSS7.4AI score0.25924EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2024/07/22 2:20 p.m.16 views

CVE-2024-32484

An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted flashcard can lead to JavaScript code execution and result in an arbitrary file read. An attacker can share a malicious flashcard to trigger this vulnerability...

8.2CVSS6.2AI score0.25924EPSS
Exploits1
Talos
Talos
added 2024/07/22 12:0 a.m.34 views

Ankitects Anki MPV script injection vulnerability

Talos Vulnerability Report TALOS-2024-1993 Ankitects Anki MPV script injection vulnerability July 22, 2024 CVE Number CVE-2024-26020 SUMMARY An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary...

9.6CVSS9.5AI score0.15067EPSS
Exploits1
Rows per page
Query Builder