Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu emacs vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2004-0422
flim prior to 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack.
Gnu Flim
2.1
CVSSv2
CVE-2000-0269
Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess.
Gnu Emacs 20.1
Gnu Emacs 20.5
Gnu Emacs 20.4
Gnu Emacs 20.6
Gnu Emacs 20.2
Gnu Emacs 20.3
Gnu Emacs 20.0
1.2
CVSSv2
CVE-2001-1301
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions prior to 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file.
Gnu Emacs 20.4
Xemacs Xemacs 21.1.10
NA
CVE-2024-30203
In Emacs prior to 29.3, Gnus treats inline MIME contents as trusted.
NA
CVE-2024-30202
In Emacs prior to 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode prior to 9.6.23.
NA
CVE-2024-30204
In Emacs prior to 29.3, LaTeX preview is enabled by default for e-mail attachments.
NA
CVE-2024-30205
In Emacs prior to 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode prior to 9.6.23.
NA
CVE-2023-2491
A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the "org-babel-execute:latex" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs pa...
Gnu Emacs 26.1-9.el8
Gnu Emacs 27.2-8.el9
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Server Tus 8.8
Redhat Enterprise Linux Server Aus 8.8
Redhat Enterprise Linux Eus 8.8
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
NA
CVE-2023-28617
org-babel-execute:latex in ob-latex.el in Org Mode up to and including 9.6.1 for GNU Emacs allows malicious users to execute arbitrary commands via a file name or directory name that contains shell metacharacters.
Gnu Org Mode
NA
CVE-2023-27985
emacsclient-mail.desktop in Emacs 28.1 up to and including 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90
Gnu Emacs
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »