Lucene search
K

42 matches found

OSV
OSV
added 2024/11/07 2:15 p.m.2 views

UBUNTU-CVE-2024-43426

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed...

7.5CVSS5.9AI score0.00597EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/11/07 1:22 p.m.27 views

CVE-2024-43426 Moodle: arbitrary file read risk through pdftex

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed...

7.5CVSS0.00597EPSS
Exploits0References2
OSV
OSV
added 2024/11/07 1:22 p.m.5 views

CVE-2024-43426 Moodle: arbitrary file read risk through pdftex

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed...

7.5CVSS7.1AI score0.00597EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/11/07 1:22 p.m.11 views

CVE-2024-43426 Moodle: arbitrary file read risk through pdftex

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed...

7.5CVSS7.4AI score0.00597EPSS
Exploits0References2
CVE
CVE
added 2024/11/07 1:22 p.m.85 views

CVE-2024-43426

CVE-2024-43426 is an arbitrary file read risk caused by insufficient sanitizing in the pdfTeX TeX notation filter. The vulnerability arises on systems where pdfTeX is available (e.g., TeX Live). Public sources repeatedly reference Moodle-related disclosure and OSV/GHSA entries, confirming the sam...

7.5CVSS7.5AI score0.00597EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/07 12:0 a.m.8 views

PT-2024-30578 · Pdftex +1 · Pdftex +1

Name of the Vulnerable Software and Affected Versions: pdfTeX affected versions not specified Description: A flaw was found in pdfTeX, where insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live...

8.8CVSS5.7AI score0.83343EPSS
Exploits8References77
SUSE CVE
SUSE CVE
added 2024/03/29 3:31 a.m.4 views

SUSE CVE-2023-46051

TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdftexdir/tounicode.c. NOTE: this is disputed because it should be categorized as a usability problem...

3.3CVSS6.9AI score0.00258EPSS
Exploits0References4
OSV
OSV
added 2024/03/27 5:15 a.m.3 views

DEBIAN-CVE-2023-46048

Tex Live 944e257 has a NULL pointer dereference in texk/web2c/pdftexdir/writet1.c. NOTE: this is disputed because it should be categorized as a usability problem...

6.2CVSS5.2AI score0.00288EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/01/26 12:0 a.m.4 views

PT-2024-13324 · Tex Live +2 · Tex Live +2

Name of the Vulnerable Software and Affected Versions: TeX Live version 944e257 Description: The issue in TeX Live allows a NULL pointer dereference in the tounicode.c file, located in texk/web2c/pdftexdir. However, it is noted that this issue is disputed and might be categorized as a usability...

6.2CVSS4.9AI score0.00288EPSS
Exploits0References28
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.18 views

Oracle Linux 7 : texlive (ELSA-2020-1036)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1036 advisory. 2:2012-45.20130427r30134 - Related: 1650521, buffer overflow in t1checkunusualcharstring function 2:2012-44.20130427r30134 - Resolves: 1650521, buffer overflow ...

7.8CVSS7.6AI score0.02058EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/02/22 12:0 a.m.138 views

EulerOS 2.0 SP2 : texlive (EulerOS-SA-2021-1368)

According to the version of the texlive packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling ...

7.8CVSS8.3AI score0.02058EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/02/22 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for texlive (EulerOS-SA-2021-1368)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.6AI score0.02058EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/12/11 12:0 a.m.78 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : texlive Vulnerability (NS-SA-2020-0078)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has texlive packages installed that are affected by a vulnerability: - An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1...

7.8CVSS8.3AI score0.02058EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/07/20 12:0 a.m.38 views

Amazon Linux 2 : texlive (ALAS-2020-1461)

The version of texlive installed on the remote host is prior to 2012-38.20130427r30134. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1461 advisory. An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A...

7.8CVSS8.3AI score0.02058EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.29 views

SUSE SLED15 / SLES15 Security Update : texlive (SUSE-SU-2018:3122-1)

This update for texlive fixes the following issue : CVE-2018-17407: Prevent buffer overflow when handling of Type 1 fonts allowed arbitrary code execution when a malicious font was loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex bsc1109673. Note that Tenable Network...

7.8CVSS8.2AI score0.02058EPSS
Exploits0References4
Mageia
Mageia
added 2018/10/14 12:58 a.m.49 views

Updated texlive packages fix security vulnerability

Updated texlive packages fix security vulnerability: A buffer overflow in the handling of Type 1 fonts allowed arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex CVE-2018-17407...

7.8CVSS2.2AI score0.02058EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/10/09 12:0 a.m.32 views

SUSE SLED12 / SLES12 Security Update : texlive (SUSE-SU-2018:3033-1)

This update for texlive fixes the following issue : CVE-2018-17407: Prevent buffer overflow when handling of Type 1 fonts allowed arbitrary code execution when a malicious font was loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex bsc1109673 Note that Tenable Network...

7.8CVSS8.2AI score0.02058EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2018/09/25 3:23 p.m.52 views

CVE-2018-17407

An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex...

7.8CVSS2.3AI score0.02058EPSS
Exploits0References2
Prion
Prion
added 2018/09/23 9:29 p.m.17 views

Buffer overflow

An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex...

6.8CVSS7.9AI score0.02058EPSS
Exploits0References5Affected Software3
OSV
OSV
added 2018/09/23 9:29 p.m.21 views

CVE-2018-17407

An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex...

7.8CVSS8AI score
Exploits0References5
Rows per page
Query Builder