Vulnerabilidades em Ankitects
8 resultadosCVE-2024-32484HIGHAn reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted flasEPSS 24.4%CVE-2024-26020CRITICALAn arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead EPSS 14.1%CVE-2024-32152LOWA blocklist bypass vulnerability exists in the LaTeX functionality of Ankitects Anki 24.04. A specially crafted malicious flashcard can leadEPSS 11.3%CVE-2024-29073MEDIUMAn vulnerability in the handling of Latex exists in Ankitects Anki 24.04. When Latex is sanitized to prevent unsafe commands, the verbatim pEPSS 10.8%CVE-2025-43703MEDIUMAn issue was discovered in Ankitects Anki through 25.02. A crafted shared deck can result in attacker-controlled access to the internal API EPSS 0.2%CVE-2025-62187LOWIn Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux EPSS 0.2%CVE-2025-62185MEDIUMIn Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed EPSS 0.1%CVE-2025-62186MEDIUMAnkitects Anki before 25.02.5 allows a crafted shared deck on Windows to execute arbitrary commands when playing audio because of URL schemeEPSS 0.1%