Lucene search
K

135 matches found

Cvelist
Cvelist
added 2024/07/22 2:20 p.m.38 views

CVE-2024-26020

An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...

9.6CVSS0.15067EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/07/22 2:20 p.m.23 views

CVE-2024-26020

An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...

9.6CVSS7.5AI score0.15067EPSS
Exploits1References1
CVE
CVE
added 2024/07/22 2:20 p.m.74 views

CVE-2024-26020

CVE-2024-26020 : The vulnerability affects Ankitects Anki 24.04, where the MPV functionality in flashcards processes user-supplied content and can trigger arbitrary code execution via a crafted flashcard. Multiple connected sources corroborate exploitation potential and assign high/critical impac...

9.6CVSS9.4AI score0.15067EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2024/07/22 2:20 p.m.20 views

CVE-2024-26020

An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...

9.6CVSS6.1AI score0.15067EPSS
Exploits1
Talos
Talos
added 2024/07/22 12:0 a.m.34 views

Ankitects Anki MPV script injection vulnerability

Talos Vulnerability Report TALOS-2024-1993 Ankitects Anki MPV script injection vulnerability July 22, 2024 CVE Number CVE-2024-26020 SUMMARY An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary...

9.6CVSS9.5AI score0.15067EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2024/07/22 12:0 a.m.4 views

PT-2024-21280 · Ankitects +1 · Anki +1

Name of the Vulnerable Software and Affected Versions: Ankitects Anki version 24.04 Description: A specially crafted flashcard can lead to arbitrary code execution due to an arbitrary script execution issue in the MPV functionality. An attacker can send a malicious flashcard to trigger this issue...

9.6CVSS7.8AI score0.15067EPSS
Exploits1References19
Positive Technologies
Positive Technologies
added 2024/06/26 12:0 a.m.12 views

PT-2024-30757

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-41-generic 4122.04.2-Ubuntu Description The issue is related to a null pointer dereference in the dcn20 resource.c file of the Linux kernel's drm/amd/display module. This vulnerability can cause a hang when...

7.5CVSS5.5AI score0.00211EPSS
Exploits0
OSV
OSV
added 2024/06/14 11:8 a.m.3 views

OESA-2024-1722 mpv security update

Mpv is a movie player based on MPlayer and mplayer2. It supports a wide variety of video file formats, audio and video codecs, and subtitle types. Special input URL types are available to read input from a variety of sources other than disk files. Depending on platform, a variety of different vid...

7.8CVSS7.6AI score0.02409EPSS
Exploits1References2
Openbugbounty
Openbugbounty
added 2023/09/04 10:4 a.m.8 views

mpv-staufenberg.de Cross Site Scripting vulnerability OBB-3644127

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Fedora
Fedora
added 2023/03/14 12:24 a.m.53 views

[SECURITY] Fedora 38 Update: mpv-0.35.1-3.fc38

Mpv is a movie player based on MPlayer and mplayer2. It supports a wide varie ty of video file formats, audio and video codecs, and subtitle types. Special input URL types are available to read input from a variety of sources other than disk files. Depending on platform, a variety of different...

8.8CVSS7.4AI score0.01118EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/03/14 12:0 a.m.14 views

Fedora: Security Advisory for mpv (FEDORA-2023-a5e10b188a)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS7.4AI score0.01118EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/03/13 12:0 a.m.11 views

Debian: Security Advisory (DLA-3358-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS7AI score0.00242EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/03/12 12:0 a.m.16 views

Debian dla-3358 : libmpv-dev - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3358 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3358-1 [email protected] https://www.debian.org/lts/security/...

7CVSS7.5AI score0.00242EPSS
Exploits1References4
OSV
OSV
added 2023/03/12 12:0 a.m.21 views

DLA-3358-1 mpv - security update

Bulletin has no description...

7CVSS6.7AI score0.00242EPSS
Exploits1
Debian
Debian
added 2023/03/11 11:32 p.m.16 views

[SECURITY] [DLA 3358-1] mpv security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3358-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz March 12, 2023 https://wiki.debian.org/LTS -...

7CVSS7.2AI score0.00242EPSS
Exploits1
NVD
NVD
added 2023/02/17 6:15 p.m.21 views

CVE-2020-19824

An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the aoc parameter...

7CVSS7.2AI score0.00242EPSS
Exploits1References2
OSV
OSV
added 2023/02/17 6:15 p.m.10 views

CVE-2020-19824

An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the aoc parameter...

7CVSS7.2AI score
Exploits0References2
OSV
OSV
added 2023/02/17 6:15 p.m.2 views

DEBIAN-CVE-2020-19824

An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the aoc parameter...

7CVSS7.6AI score0.00242EPSS
Exploits1References1
Prion
Prion
added 2023/02/17 6:15 p.m.10 views

Code injection

An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the aoc parameter...

3.7CVSS7.2AI score0.00242EPSS
Exploits1References2Affected Software1
UbuntuCve
UbuntuCve
added 2023/02/17 6:15 p.m.21 views

CVE-2020-19824

An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the aoc parameter...

7CVSS7.1AI score0.00242EPSS
Exploits1References2
Rows per page
Query Builder