13 matches found
Astra Linux - уязвимость в texlive-bin
LuaTeX prior to version 1.17.0 allowed the execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because the luatex-core.lua file allows access to the io.popen function. This issue also affects TeX Live prior to version 2023 r66984 and MiKT...
EUVD-2015-7998
Malware in sbrugna...
CVE-2025-10236
A vulnerability has been found in binary-husky gptacademic up to 3.91. Impacted is the function mergetexfiles of the file crazyfunctions/latexfns/latextoolbox.py of the component LaTeX File Handler. Such manipulation of the argument \input leads to path traversal. The attack may be launched...
CVE-2025-10236
A vulnerability has been found in binary-husky gptacademic up to 3.91. Impacted is the function mergetexfiles of the file crazyfunctions/latexfns/latextoolbox.py of the component LaTeX File Handler. Such manipulation of the argument \input leads to path traversal. The attack may be launched...
CVE-2025-10236
A vulnerability has been found in binary-husky gptacademic up to 3.91. Impacted is the function mergetexfiles of the file crazyfunctions/latexfns/latextoolbox.py of the component LaTeX File Handler. Such manipulation of the argument \input leads to path traversal. The attack may be launched...
CVE-2025-10236
CVE-2025-10236 affects binary-husky gpt_academic up to version 3.91. The vulnerability resides in the LaTeX File Handler’s merge_tex_files_ function inside crazy_functions/latex_fns/latex_toolbox.py, where untrusted input passed to the \
CVE-2025-10236 binary-husky gpt_academic LaTeX File latex_toolbox.py merge_tex_files_ path traversal
A vulnerability has been found in binary-husky gptacademic up to 3.91. Impacted is the function mergetexfiles of the file crazyfunctions/latexfns/latextoolbox.py of the component LaTeX File Handler. Such manipulation of the argument \input leads to path traversal. The attack may be launched...
Kpathsea: User-assisted execution of arbitrary code
Background Kpathsea is a library to do path searching. It is used by TeX Live and others TeX related software. Description It was discovered that the mpost program from the shellescapecommands list is capable of executing arbitrary external programs during the conversion of .tex files. The...
USN-3401-1 texlive-base vulnerability
It was discovered that TeX Live incorrectly handled certain system commands. If a user were tricked into processing a specially crafted TeX file, a remote attacker could execute arbitrary code...
openSUSE Security Update : moodle (moodle-803)
Special command sequences in TeX files allowed users to read arbitrary files CVE-2009-1171. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update moodle-803. The text description of this plugin is C...
openSUSE Security Update : moodle (moodle-803)
Special command sequences in TeX files allowed users to read arbitrary files CVE-2009-1171. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update moodle-803. The text description of this plugin is C...
openSUSE 10 Security Update : moodle (moodle-6198)
Special command sequences in TeX files allowed users to read arbitrary files CVE-2009-1171. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update moodle-6198. The text description of this plugin is ...
[SECURITY] Fedora 7 Update: kdegraphics-3.5.8-7.fc7
Graphics applications for the K Desktop Environment, including kamera digital camera support kcoloredit palette editor and color chooser kdvi displays TeX .dvi files kghostview displays postscript files kiconedit icon editor kooka scanner application kpdf displays PDF files kruler screen ruler an...