CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2023-32668 – Ubuntu Security Notice USN-6695-1
https://notcve.org/view.php?id=CVE-2023-32668
11 May 2023 — LuaTeX before 1.17.0 allows a document (compiled with the default settings) to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5. It was discovered that TeX Live incorrectly handled certain memory operations in the embedded axodraw2 tool. An attacker could possibly use this issue to cause TeX Live to crash, resulting in a denial of service. • https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/blob/b266ef076c96b382cd23a4c93204e247bb98626a/source/texk/web2c/luatexdir/ChangeLog#L1-L3 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-17407 – texlive: Buffer overflow in t1_check_unusual_charstring function in writet1.c
https://notcve.org/view.php?id=CVE-2018-17407
23 Sep 2018 — An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex. Se ha descubierto un problema en las funciones t1_check_unusual_charstring en los archivos writet1.c en TeX Live en versiones anteriores al 21/09/2018. Un desbordamiento de búfer en el manejo de fuentes Type 1 permi... • https://github.com/TeX-Live/texlive-source/commit/6ed0077520e2b0da1fd060c7f88db7b2e6068e4c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-17513
https://notcve.org/view.php?id=CVE-2017-17513
14 Dec 2017 — TeX Live through 20170524 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to linked_scripts/context/stubs/unix/mtxrun, texmf-dist/scripts/context/stubs/mswin/mtxrun.lua, and texmf-dist/tex/luatex/lualibs/lualibs-os.lua. TeX Live hasta la versión 20170524 no valida cadenas antes de iniciar el programa especificado por la variable de entorno BROWSER. Esto po... • https://security-tracker.debian.org/tracker/CVE-2017-17513 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.8EPSS: 2%CPEs: 13EXPL: 0CVE-2010-1440 – texlive: Integer overflow by processing special commands
https://notcve.org/view.php?id=CVE-2010-1440
07 May 2010 — Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related to the (1) predospecial and (2) bbdospecial functions, a different vulnerability than CVE-2010-0739. Múltiples desbordamientos de enteros en dvipsk/dospecial.c en dvips en TeX Live 2009 y anteriores y teTeX, permite a atacantes remotos causar una denegación de ... • http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041573.html • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 5%CPEs: 13EXPL: 0CVE-2010-0827 – texlive: Buffer overflow flaw by processing virtual font files
https://notcve.org/view.php?id=CVE-2010-0827
07 May 2010 — Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file. Desbordamiento de entero en dvips en TeX Live 2009 y anteriores, y teTeX, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código de su elección a través de una fuente virtual manipulada, asociada a un fichero D... • http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html • CWE-189: Numeric Errors •