Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu emacs vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2014-9483
Emacs 24.4 allows remote malicious users to bypass security restrictions.
Gnu Emacs 24.4
515
VMScore
CVE-2003-1232
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted malicious users to execute arbitrary commands, as demonstrated using the mode-name variable.
Gnu Emacs 21.2.1
1 EDB exploit
694
VMScore
CVE-2007-2833
Emacs 21 allows user-assisted malicious users to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation.
Debian Debian Linux 4.0
Gnu Emacs 21
NA
CVE-2022-48337
GNU Emacs up to and including 28.2 allows malicious users to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "...
Gnu Emacs
Debian Debian Linux 11.0
107
VMScore
CVE-2001-1301
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions prior to 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file.
Gnu Emacs 20.4
Xemacs Xemacs 21.1.10
NA
CVE-2022-45939
GNU Emacs up to and including 28.2 allows malicious users to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "...
Gnu Emacs
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2023-2491
A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the "org-babel-execute:latex" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs pa...
Gnu Emacs 26.1-9.el8
Gnu Emacs 27.2-8.el9
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Server Tus 8.8
Redhat Enterprise Linux Server Aus 8.8
Redhat Enterprise Linux Eus 8.8
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
NA
CVE-2023-28617
org-babel-execute:latex in ob-latex.el in Org Mode up to and including 9.6.1 for GNU Emacs allows malicious users to execute arbitrary commands via a file name or directory name that contains shell metacharacters.
Gnu Org Mode
187
VMScore
CVE-2004-0422
flim prior to 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack.
Gnu Flim
614
VMScore
CVE-2007-5377
The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file functions in Tramp 2.1.10 extension for Emacs, and possibly earlier 2.1.x versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Gnu Tramp 2.1.10
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »