Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

22 matches found

Veracode
Veracodeadded 2023/06/04 11:56 p.m.22 views

Arbitrary Code Execution

textlive is vulnerable to Arbitrary Code Execution. The vulnerability exits because the TeX file was not properly validated, which allowed an attacker to execute untrusted input into the system...

7.8CVSS7.3AI score0.00253EPSS
Exploits0References10Affected Software1
Tenable Nessus
Tenable Nessusadded 2023/05/20 12:0 a.m.19 views

Debian DSA-5406-1 : texlive-bin - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5406 advisory. - LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets t...

8.8CVSS7.9AI score0.00253EPSS
Exploits0References5
Veracode
Veracodeadded 2020/12/06 4:41 a.m.15 views

Arbitrary Code Execution

latex2rtf is vulnerable to arbitrary code execution. A remote attacker could execute arbitrary code via a crafted TeX file due to a format string vulnerability in the CmdKeywords function in funct1.c...

7.8CVSS5.6AI score0.00877EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessusadded 2017/09/18 12:0 a.m.29 views

GLSA-201709-07 : Kpathsea: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201709-07 Kpathsea: User-assisted execution of arbitrary code It was discovered that the mpost program from the shellescapecommands list is capable of executing arbitrary external programs during the conversion of .tex files. The...

9.8CVSS8.9AI score0.1059EPSS
Exploits1References2
ArchLinux
ArchLinuxadded 2016/05/06 12:0 a.m.30 views

latex2rtf: arbitrary code execution

A format string vulnerability was found in the CmdKeywords function, where the user-controlled variable 'keywords' is passed as a format argument to vnsprintf, when processing the \keywords command in a TeX file...

4.6AI score0.00877EPSS
Exploits0References2
OSV
OSVadded 2016/04/18 2:59 p.m.1 views

CVE-2015-8106

Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command in a crafted TeX file...

7.8CVSS7.9AI score
Exploits0References6
OSV
OSVadded 2016/04/18 2:59 p.m.1 views

DEBIAN-CVE-2015-8106

Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command in a crafted TeX file...

7.8CVSS8AI score0.00877EPSS
Exploits0References1
NVD
NVDadded 2016/04/18 2:59 p.m.15 views

CVE-2015-8106

Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command in a crafted TeX file...

9.3CVSS7.9AI score0.00877EPSS
Exploits0References6
UbuntuCve
UbuntuCveadded 2016/04/18 2:59 p.m.21 views

CVE-2015-8106

Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command in a crafted TeX file...

9.3CVSS7.4AI score0.00877EPSS
Exploits0References2
Prion
Prionadded 2016/04/18 2:59 p.m.12 views

Format string

Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command in a crafted TeX file...

9.3CVSS8.1AI score0.00877EPSS
Exploits0References6Affected Software2
Debian CVE
Debian CVEadded 2016/04/18 2:0 p.m.18 views

CVE-2015-8106

Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command in a crafted TeX file...

9.3CVSS7.9AI score0.00877EPSS
Exploits0
Cvelist
Cvelistadded 2016/04/18 2:0 p.m.17 views

CVE-2015-8106

Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command in a crafted TeX file...

7.8AI score0.00877EPSS
Exploits0References6
OpenVAS
OpenVASadded 2015/11/23 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2015-0453)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.6AI score0.00877EPSS
Exploits0References5
Mageia
Mageiaadded 2015/11/19 10:8 p.m.34 views

Updated latex2rtf packages fix security vulnerability

A format string vulnerability was found in CmdKeywords function when processing \keywords command in tex file. When the user runs latex2rtf with malicious crafted tex file, an attacker can execute arbitrary code. The variable 'keywords' in the function CmdKeywords may hold a malicious input strin...

9.3CVSS7.8AI score0.00877EPSS
Exploits0References3
OpenVAS
OpenVASadded 2011/04/06 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-1103-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.02102EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2010/02/24 12:0 a.m.26 views

Debian DSA-1917-1 : mimetex - several vulnerabilities

Several vulnerabilities have been discovered in mimetex, a lightweight alternative to MathML. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-1382 Chris Evans and Damien Miller, discovered multiple stack-based buffer overflow. An attacker could...

10CVSS6.3AI score0.11169EPSS
Exploits2References6
OSV
OSVadded 2009/07/14 8:30 p.m.4 views

CVE-2009-1382

Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when downloaded before 20090713, allow remote attackers to execute arbitrary code via a TeX file with long 1 picture, 2 circle, or 3 input tags...

7.5AI score
Exploits0References12
NVD
NVDadded 2009/07/14 8:30 p.m.10 views

CVE-2009-1382

Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when downloaded before 20090713, allow remote attackers to execute arbitrary code via a TeX file with long 1 picture, 2 circle, or 3 input tags...

10CVSS7.5AI score0.11169EPSS
Exploits1References10
Prion
Prionadded 2009/07/14 8:30 p.m.10 views

Stack overflow

Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when downloaded before 20090713, allow remote attackers to execute arbitrary code via a TeX file with long 1 picture, 2 circle, or 3 input tags...

10CVSS8.1AI score0.11169EPSS
Exploits1References10Affected Software1
Cvelist
Cvelistadded 2009/07/14 8:16 p.m.13 views

CVE-2009-1382

Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when downloaded before 20090713, allow remote attackers to execute arbitrary code via a TeX file with long 1 picture, 2 circle, or 3 input tags...

7.4AI score0.11169EPSS
Exploits1References10
Rows per page
Query Builder