EUVD-2003-1222

Malware in sbrugna...

In Emacs before 29.3 arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23.

...

Important: emacs

Issue Overview: In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23. CVE-2024-30202 Affected Packages: emacs Issue Correction: Run dnf update emacs --releasever 2023.4.20240416 or dnf update --advisory ALAS2023-2024-584...

Important: emacs

Issue Overview: In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23. CVE-2024-30202 Affected Packages: emacs Issue Correction: Run dnf update emacs --releasever 2023.4.20240416 to update your system. New Packages: aarch64: ...

Unspecified vulnerability in Gnu emacs (CNVD-2025-15364)

Gnu emacs is a family of text editors in the American GNU community. A security vulnerability exists in Gnu emacs that stems from the fact that arbitrary Lisp code is evaluated as part of the open Org mode. No details of the vulnerability are provided at this time...

DEBIAN-CVE-2024-30202

In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23...

CVE-2024-30202

In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23...

CVE-2024-30202

In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23...

GNU Emacs 安全漏洞

Gnu emacs is a family of text editors in the American GNU community. A security vulnerability exists in Gnu emacs that stems from the fact that arbitrary Lisp code is evaluated as part of the open Org mode. No details of the vulnerability are provided at this time...

CVE-2024-30202

In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23...

PT-2024-23251 · Org Mode +5 · Org Mode +5

Name of the Vulnerable Software and Affected Versions: Emacs versions prior to 29.3 Org Mode versions prior to 9.6.23 Description: The issue allows arbitrary Lisp code to be evaluated as part of turning on Org mode. Recommendations: For Emacs versions prior to 29.3, update to version 29.3 or late...

emacs -- multiple vulnerabilities

GNU Emacs developers report: Emacs 29.3 is an emergency bugfix release intended to fix several security vulnerabilities. Arbitrary Lisp code is no longer evaluated as part of turning on Org mode. This is for security reasons, to avoid evaluating malicious Lisp code. New buffer-local variable...

Amazon Linux 2023 : emacs, emacs-common, emacs-devel (ALAS2023-2023-134)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-134 advisory. emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry...

Important: emacs

Issue Overview: emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. CVE-2023-27985 emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable...

CVE-2023-27986

emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. It is fixed in 29.0.90...

[slackware-security] emacs

New emacs packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/emacs-25.3-i586-1slack14.2.txz: Upgraded. This update fixes a security vulnerability in Emacs. Gnus no...

Mandriva Linux Security Advisory : emacs (MDVSA-2013:076)

Updated emacs packages fix security vulnerabilities : Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent...

Debian DSA-2603-1 : emacs23 - programming error

Paul Ling discovered that Emacs insufficiently restricted the evaluation of Lisp code if enable-local-variables is set to 'safe'. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-2603. The...

Debian: Security Advisory (DSA-2603-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 11.10 / 12.04 LTS : emacs23 vulnerabilities (USN-1586-1)

Hiroshi Oota discovered that Emacs incorrectly handled search paths. If a user were tricked into opening a file with Emacs, a local attacker could execute arbitrary Lisp code with the privileges of the user invoking the program. CVE-2012-0035 Paul Ling discovered that Emacs incorrectly handled...