Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu emacs vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-48339
An issue exists in GNU Emacs up to and including 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name cont...
Gnu Emacs
7.8
CVSSv3
CVE-2022-45939
GNU Emacs up to and including 28.2 allows malicious users to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "...
Gnu Emacs
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
5.5
CVSSv3
CVE-2017-1000383
GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file ("[ORIGINAL_FILENAME]~") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary.
Gnu Emacs
7.5
CVSSv3
CVE-2014-9483
Emacs 24.4 allows remote malicious users to bypass security restrictions.
Gnu Emacs 24.4
NA
CVE-2014-3423
lisp/net/browse-url.el in GNU Emacs 24.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file.
Mageia Project Mageia 3
Mageia Project Mageia 4
Gnu Emacs 21.1
Gnu Emacs 21.2
Gnu Emacs 21.2.1
Gnu Emacs 21.3
Gnu Emacs 20.0
Gnu Emacs 20.1
Gnu Emacs 20.2
Gnu Emacs 20.3
Gnu Emacs 22.3
Gnu Emacs 23.1
Gnu Emacs 23.2
Gnu Emacs 23.3
Gnu Emacs 20.5
Gnu Emacs 20.7
Gnu Emacs 21.4
Gnu Emacs 22.2
Gnu Emacs 23.4
Gnu Emacs 24.2
Gnu Emacs 20.4
Gnu Emacs 20.6
NA
CVE-2014-3421
lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file.
Mageia Project Mageia 4
Mageia Project Mageia 3
Gnu Emacs 20.0
Gnu Emacs 20.1
Gnu Emacs 20.2
Gnu Emacs 20.3
Gnu Emacs 22.2
Gnu Emacs 22.3
Gnu Emacs 23.1
Gnu Emacs 23.2
Gnu Emacs 23.3
Gnu Emacs 21
Gnu Emacs 21.1
Gnu Emacs 21.2
Gnu Emacs 21.2.1
Gnu Emacs 20.4
Gnu Emacs 20.6
Gnu Emacs 21.3.1
Gnu Emacs 22.1
Gnu Emacs 24.1
Gnu Emacs
Gnu Emacs 20.5
NA
CVE-2014-3422
lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.
Gnu Emacs 20.7
Gnu Emacs 21
Gnu Emacs 21.1
Gnu Emacs 21.2
Gnu Emacs
Gnu Emacs 20.0
Gnu Emacs 20.1
Gnu Emacs 20.2
Gnu Emacs 22.2
Gnu Emacs 22.3
Gnu Emacs 23.1
Gnu Emacs 23.2
Gnu Emacs 20.3
Gnu Emacs 20.5
Gnu Emacs 21.3
Gnu Emacs 21.4
Gnu Emacs 23.4
Gnu Emacs 24.2
Gnu Emacs 20.4
Gnu Emacs 20.6
Gnu Emacs 21.2.1
Gnu Emacs 21.3.1
NA
CVE-2014-3424
lisp/net/tramp-sh.el in GNU Emacs 24.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file.
Mageia Project Mageia 4
Mageia Project Mageia 3
Gnu Emacs 21.3.1
Gnu Emacs 21.4
Gnu Emacs 22.1
Gnu Emacs 22.2
Gnu Emacs 20.5
Gnu Emacs 20.1
Gnu Emacs 20.3
Gnu Emacs 21.2
Gnu Emacs 21.3
Gnu Emacs 22.3
Gnu Emacs 23.2
Gnu Emacs 20.6
Gnu Emacs 20.7
Gnu Emacs 21
Gnu Emacs 23.4
Gnu Emacs 24.1
Gnu Emacs 24.2
Gnu Emacs
Gnu Emacs 20.0
Gnu Emacs 20.2
NA
CVE-2012-3479
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote malicious users to execute arbitrary Emacs Lisp code via a crafted file.
Gnu Emacs 23.2
Gnu Emacs 23.3
Gnu Emacs 23.4
Gnu Emacs 24.1
NA
CVE-2012-0035
Untrusted search path vulnerability in EDE in CEDET prior to 1.0.1, as used in GNU Emacs prior to 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file.
Eric M Ludlam Cedet 1.0
Gnu Emacs 20.1
Gnu Emacs 20.2
Gnu Emacs 21.3
Gnu Emacs 22.1
Gnu Emacs 23.1
Gnu Emacs 23.2
Gnu Emacs 20.0
Gnu Emacs 21
Gnu Emacs 21.2.1
Gnu Emacs 22.2
Gnu Emacs 22.3
Eric M Ludlam Cedet
Gnu Emacs 20.5
Gnu Emacs 20.6
Gnu Emacs 21.3.1
Gnu Emacs 21.4
Gnu Emacs 20.3
Gnu Emacs 20.4
Gnu Emacs 20.7
Gnu Emacs 21.1
Gnu Emacs 21.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »