Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
TugTex Live

3 matches found

CVE
CVEadded 2024/02/29 1:44 a.m.3814 views

CVE-2024-25262

texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted TTF file.

8.1CVSS7.2AI score0.00135EPSS
CVE
CVEadded 2023/05/20 6:15 p.m.305 views

CVE-2023-32700

LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5.

8.8CVSS7.7AI score0.00246EPSS
CVE
CVEadded 2017/12/14 4:29 p.m.41 views

CVE-2017-17513

TeX Live through 20170524 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to linked_scripts/context/stubs/unix/mtxrun, texmf-dist/scripts/context...

8.8CVSS8.5AI score0.00508EPSS