Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
emacs vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-48337
GNU Emacs up to and including 28.2 allows malicious users to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "...
Gnu Emacs
Debian Debian Linux 11.0
NA
CVE-2022-45939
GNU Emacs up to and including 28.2 allows malicious users to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "...
Gnu Emacs
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
2.1
CVSSv2
CVE-2017-1000383
GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file ("[ORIGINAL_FILENAME]~") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary.
Gnu Emacs
5
CVSSv2
CVE-2014-9483
Emacs 24.4 allows remote malicious users to bypass security restrictions.
Gnu Emacs 24.4
3.3
CVSSv2
CVE-2014-3421
lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file.
Mageia Project Mageia 4
Mageia Project Mageia 3
Gnu Emacs 20.0
Gnu Emacs 20.1
Gnu Emacs 20.2
Gnu Emacs 20.3
Gnu Emacs 22.2
Gnu Emacs 22.3
Gnu Emacs 23.1
Gnu Emacs 23.2
Gnu Emacs 23.3
Gnu Emacs 21
Gnu Emacs 21.1
Gnu Emacs 21.2
Gnu Emacs 21.2.1
Gnu Emacs 20.4
Gnu Emacs 20.6
Gnu Emacs 21.3.1
Gnu Emacs 22.1
Gnu Emacs 24.1
Gnu Emacs
Gnu Emacs 20.5
3.3
CVSSv2
CVE-2014-3424
lisp/net/tramp-sh.el in GNU Emacs 24.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file.
Mageia Project Mageia 4
Mageia Project Mageia 3
Gnu Emacs 21.3.1
Gnu Emacs 21.4
Gnu Emacs 22.1
Gnu Emacs 22.2
Gnu Emacs 20.5
Gnu Emacs 20.1
Gnu Emacs 20.3
Gnu Emacs 21.2
Gnu Emacs 21.3
Gnu Emacs 22.3
Gnu Emacs 23.2
Gnu Emacs 20.6
Gnu Emacs 20.7
Gnu Emacs 21
Gnu Emacs 23.4
Gnu Emacs 24.1
Gnu Emacs 24.2
Gnu Emacs
Gnu Emacs 20.0
Gnu Emacs 20.2
3.3
CVSSv2
CVE-2014-3422
lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.
Gnu Emacs 20.7
Gnu Emacs 21
Gnu Emacs 21.1
Gnu Emacs 21.2
Gnu Emacs
Gnu Emacs 20.0
Gnu Emacs 20.1
Gnu Emacs 20.2
Gnu Emacs 22.2
Gnu Emacs 22.3
Gnu Emacs 23.1
Gnu Emacs 23.2
Gnu Emacs 20.3
Gnu Emacs 20.5
Gnu Emacs 21.3
Gnu Emacs 21.4
Gnu Emacs 23.4
Gnu Emacs 24.2
Gnu Emacs 20.4
Gnu Emacs 20.6
Gnu Emacs 21.2.1
Gnu Emacs 21.3.1
3.3
CVSSv2
CVE-2014-3423
lisp/net/browse-url.el in GNU Emacs 24.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file.
Mageia Project Mageia 3
Mageia Project Mageia 4
Gnu Emacs 21.1
Gnu Emacs 21.2
Gnu Emacs 21.2.1
Gnu Emacs 21.3
Gnu Emacs 20.0
Gnu Emacs 20.1
Gnu Emacs 20.2
Gnu Emacs 20.3
Gnu Emacs 22.3
Gnu Emacs 23.1
Gnu Emacs 23.2
Gnu Emacs 23.3
Gnu Emacs 20.5
Gnu Emacs 20.7
Gnu Emacs 21.4
Gnu Emacs 22.2
Gnu Emacs 23.4
Gnu Emacs 24.2
Gnu Emacs 20.4
Gnu Emacs 20.6
4.3
CVSSv2
CVE-2012-1103
emacs/notmuch-mua.el in Notmuch prior to 0.11.1, when using the Emacs interface, allows user-assisted remote malicious users to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to the message.
Notmuchmail Notmuch 0.11
Notmuchmail Notmuch 0.10.2
Notmuchmail Notmuch 0.10.1
Notmuchmail Notmuch 0.6
Notmuchmail Notmuch 0.5
Notmuchmail Notmuch 0.4
Notmuchmail Notmuch 0.10
Notmuchmail Notmuch 0.7
Notmuchmail Notmuch 0.6.1
Notmuchmail Notmuch 0.3
Notmuchmail Notmuch 0.1.1
Notmuchmail Notmuch 0.9
Notmuchmail Notmuch 0.8
Notmuchmail Notmuch 0.1
Notmuchmail Notmuch
Notmuchmail Notmuch 0.3.1
Notmuchmail Notmuch 0.2
6.8
CVSSv2
CVE-2012-3479
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote malicious users to execute arbitrary Emacs Lisp code via a crafted file.
Gnu Emacs 23.2
Gnu Emacs 23.3
Gnu Emacs 23.4
Gnu Emacs 24.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »