Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu emacs vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2008-1694
vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Gnu Emacs 21.3
Gnu Emacs 21.4
Gnu Sccs
Gnu Emacs 20.7
Gnu Emacs 21.1
Gnu Emacs 21.2
4.6
CVSSv2
CVE-2003-0440
The (1) semi MIME library 1.14.5 and previous versions, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Semi Semi 1.14.3
Debian Debian Linux 3.0
4.6
CVSSv2
CVE-2000-0271
read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an malicious user to read unencrypted passwords.
Gnu Emacs 20.1
Gnu Emacs 20.5
Gnu Emacs 20.4
Gnu Emacs 20.6
Gnu Emacs 20.2
Gnu Emacs 20.3
Gnu Emacs 20.0
4.4
CVSSv2
CVE-2010-0825
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.
Gnu Emacs 22.1
Gnu Emacs 22.2
Gnu Emacs 22.3
Gnu Emacs 23.1
3.6
CVSSv2
CVE-2000-0270
The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows malicious users to conduct a symlink attack.
Gnu Emacs 20.1
Gnu Emacs 20.5
Gnu Emacs 20.4
Gnu Emacs 20.6
Gnu Emacs 20.2
Gnu Emacs 20.3
Gnu Emacs 20.0
3.3
CVSSv2
CVE-2014-3421
lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file.
Mageia Project Mageia 4
Mageia Project Mageia 3
Gnu Emacs 20.0
Gnu Emacs 20.1
Gnu Emacs 20.2
Gnu Emacs 20.3
Gnu Emacs 22.2
Gnu Emacs 22.3
Gnu Emacs 23.1
Gnu Emacs 23.2
Gnu Emacs 23.3
Gnu Emacs 21
Gnu Emacs 21.1
Gnu Emacs 21.2
Gnu Emacs 21.2.1
Gnu Emacs 20.4
Gnu Emacs 20.6
Gnu Emacs 21.3.1
Gnu Emacs 22.1
Gnu Emacs 24.1
Gnu Emacs
Gnu Emacs 20.5
3.3
CVSSv2
CVE-2014-3422
lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.
Gnu Emacs 20.7
Gnu Emacs 21
Gnu Emacs 21.1
Gnu Emacs 21.2
Gnu Emacs
Gnu Emacs 20.0
Gnu Emacs 20.1
Gnu Emacs 20.2
Gnu Emacs 22.2
Gnu Emacs 22.3
Gnu Emacs 23.1
Gnu Emacs 23.2
Gnu Emacs 20.3
Gnu Emacs 20.5
Gnu Emacs 21.3
Gnu Emacs 21.4
Gnu Emacs 23.4
Gnu Emacs 24.2
Gnu Emacs 20.4
Gnu Emacs 20.6
Gnu Emacs 21.2.1
Gnu Emacs 21.3.1
3.3
CVSSv2
CVE-2014-3423
lisp/net/browse-url.el in GNU Emacs 24.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file.
Mageia Project Mageia 3
Mageia Project Mageia 4
Gnu Emacs 21.1
Gnu Emacs 21.2
Gnu Emacs 21.2.1
Gnu Emacs 21.3
Gnu Emacs 20.0
Gnu Emacs 20.1
Gnu Emacs 20.2
Gnu Emacs 20.3
Gnu Emacs 22.3
Gnu Emacs 23.1
Gnu Emacs 23.2
Gnu Emacs 23.3
Gnu Emacs 20.5
Gnu Emacs 20.7
Gnu Emacs 21.4
Gnu Emacs 22.2
Gnu Emacs 23.4
Gnu Emacs 24.2
Gnu Emacs 20.4
Gnu Emacs 20.6
3.3
CVSSv2
CVE-2014-3424
lisp/net/tramp-sh.el in GNU Emacs 24.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file.
Mageia Project Mageia 4
Mageia Project Mageia 3
Gnu Emacs 21.3.1
Gnu Emacs 21.4
Gnu Emacs 22.1
Gnu Emacs 22.2
Gnu Emacs 20.5
Gnu Emacs 20.1
Gnu Emacs 20.3
Gnu Emacs 21.2
Gnu Emacs 21.3
Gnu Emacs 22.3
Gnu Emacs 23.2
Gnu Emacs 20.6
Gnu Emacs 20.7
Gnu Emacs 21
Gnu Emacs 23.4
Gnu Emacs 24.1
Gnu Emacs 24.2
Gnu Emacs
Gnu Emacs 20.0
Gnu Emacs 20.2
2.1
CVSSv2
CVE-2017-1000383
GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file ("[ORIGINAL_FILENAME]~") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary.
Gnu Emacs
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »