392 matches found
CVE-2024-25262
texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted TTF file...
DEBIAN-CVE-2024-25262
texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted TTF file...
Heap overflow
texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted TTF file...
UBUNTU-CVE-2024-25262
texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted TTF file...
CVE-2024-25262
texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted TTF file...
CentOS 9 : texlive-20200406-26.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the texlive-20200406-26.el9 build changelog. - LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs...
CVE-2024-25262
texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted TTF file...
CVE-2024-25262
texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted TTF file...
PT-2024-5166 · Tex Live +3 · Texlive-Bin +3
Name of the Vulnerable Software and Affected Versions: texlive-bin version c515e Description: The issue is related to a heap buffer overflow in the ttfLoadHDMX:ttfdump function of the texlive-bin component in TeX Live computer typesetting systems. This allows attackers to cause a Denial of Servic...
CVE-2024-25262
texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted TTF file...
CVE-2024-25262
CVE-2024-25262 affects TeX Live's texlive-bin. A heap buffer overflow in the ttfLoadHDMX:ttfdump path can be triggered by a crafted TTF file, enabling Denial of Service (DoS) and, per some advisories, potential arbitrary code execution. Public disclosures across Ubuntu/Debian and related advisori...
CentOS 8 : texlive (CESA-2023:3661)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:3661 advisory. - LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because...
openSUSE 15: libkpathsea6 / libptexenc1 / libsynctex2 / libtexlua53-5 / etc (SUSE-SU-2023:2284-2)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2023:2284-2 advisory. - CVE-2023-32700: Fixed arbitrary code execution in LuaTeX bsc1211389. Tenable has extracted the preceding description block directly from the SUSE security...
SUSE-SU-2023:2284-2 Security update for texlive
This update for texlive fixes the following issues: - CVE-2023-32700: Fixed arbitrary code execution in LuaTeX bsc1211389...
Mageia: Security Advisory (MGASA-2023-0233)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2023-0233 Updated texlive packages fix security vulnerability
Any document compiled with older versions of LuaTeX can execute arbitrary shell commands, even with shell escape disabled. CVE-2023-32700...
Updated texlive packages fix security vulnerability
Any document compiled with older versions of LuaTeX can execute arbitrary shell commands, even with shell escape disabled. CVE-2023-32700...
texlive security update
An update is available for texlive. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The texlive packages contain TeXLive, an implementation of TeX for Linux or...
RLSA-2023:3661 Important: texlive security update
The texlive packages contain TeXLive, an implementation of TeX for Linux or UNIX systems. Security Fixes: texlive: arbitrary code execution allows document complied with older version CVE-2023-32700 For more details about the security issues, including the impact, a CVSS score, acknowledgments, a...
Oracle Linux 8 / 9 : texlive (ELSA-2023-3661)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3661 advisory. 9:20200406-26 - Resolves: 2209872, CVE-2023-32700 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...