135 matches found
CVE-2024-26020
An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...
CVE-2024-26020
An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...
CVE-2024-26020
CVE-2024-26020 : The vulnerability affects Ankitects Anki 24.04, where the MPV functionality in flashcards processes user-supplied content and can trigger arbitrary code execution via a crafted flashcard. Multiple connected sources corroborate exploitation potential and assign high/critical impac...
CVE-2024-26020
An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...
Ankitects Anki MPV script injection vulnerability
Talos Vulnerability Report TALOS-2024-1993 Ankitects Anki MPV script injection vulnerability July 22, 2024 CVE Number CVE-2024-26020 SUMMARY An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary...
PT-2024-21280 · Ankitects +1 · Anki +1
Name of the Vulnerable Software and Affected Versions: Ankitects Anki version 24.04 Description: A specially crafted flashcard can lead to arbitrary code execution due to an arbitrary script execution issue in the MPV functionality. An attacker can send a malicious flashcard to trigger this issue...
PT-2024-30757
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-41-generic 4122.04.2-Ubuntu Description The issue is related to a null pointer dereference in the dcn20 resource.c file of the Linux kernel's drm/amd/display module. This vulnerability can cause a hang when...
OESA-2024-1722 mpv security update
Mpv is a movie player based on MPlayer and mplayer2. It supports a wide variety of video file formats, audio and video codecs, and subtitle types. Special input URL types are available to read input from a variety of sources other than disk files. Depending on platform, a variety of different vid...
mpv-staufenberg.de Cross Site Scripting vulnerability OBB-3644127
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
[SECURITY] Fedora 38 Update: mpv-0.35.1-3.fc38
Mpv is a movie player based on MPlayer and mplayer2. It supports a wide varie ty of video file formats, audio and video codecs, and subtitle types. Special input URL types are available to read input from a variety of sources other than disk files. Depending on platform, a variety of different...
Fedora: Security Advisory for mpv (FEDORA-2023-a5e10b188a)
The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Debian: Security Advisory (DLA-3358-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-3358 : libmpv-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3358 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3358-1 [email protected] https://www.debian.org/lts/security/...
DLA-3358-1 mpv - security update
Bulletin has no description...
[SECURITY] [DLA 3358-1] mpv security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3358-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz March 12, 2023 https://wiki.debian.org/LTS -...
CVE-2020-19824
An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the aoc parameter...
CVE-2020-19824
An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the aoc parameter...
DEBIAN-CVE-2020-19824
An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the aoc parameter...
Code injection
An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the aoc parameter...
CVE-2020-19824
An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the aoc parameter...