Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlp_x86.exe.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Ankitects Anki 代码问题漏洞
Vulnerability Description
Ankitects Anki是Ankitects个人开发者的一个开源程序通过使用闪存卡来帮助记忆信息。 Ankitects Anki 25.02.5之前版本存在代码问题漏洞,该漏洞源于特制共享牌组可在媒体文件夹中放置YouTube下载器可执行文件,可能导致执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A