14 matches found
Updated emacs packages fix security vulnerability
Memory corruption vulnerability when processing svg css. CVE-2026-6861...
MGASA-2026-0213 Updated emacs packages fix security vulnerability
Memory corruption vulnerability when processing svg css. CVE-2026-6861...
MGASA-2025-0075 Updated emacs packages fix a security vulnerability
A command injection flaw was found which could allow a remote, unauthenticated attacker to execute arbitrary shell commands by tricking users into visiting a specially crafted website or an HTTP URL with a redirect...
Updated emacs packages fix a security vulnerability
A command injection flaw was found which could allow a remote, unauthenticated attacker to execute arbitrary shell commands by tricking users into visiting a specially crafted website or an HTTP URL with a redirect...
Updated emacs packages fix security vulnerability
In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. This unsafe expansion also occurs if a user choose...
MGASA-2024-0276 Updated emacs packages improve Wayland support and fix a security vulnerability
In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %... link abbrev even when it specifies an unsafe function, such as shell-command-to-string. CVE-2024-39331...
MGASA-2024-0237 Updated emacs packages fix security vulnerability
Arbitrary shell command evaluation in Org mode GNU Emacs...
MGASA-2023-0152 Updated emacs packages fix security vulnerability
org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters. CVE-2023-28617...
MGASA-2022-0457 Updated emacs packages fix security vulnerability
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags " command suggested in the ctags...
Updated emacs packages fix CVE-2014-3421-4
Updated emacs packages fix security vulnerabilities: Steve Kemp discovered multiple temporary file handling issues in Emacs. A local attacker could use these flaws to perform symbolic link attacks against users running Emacs CVE-2014-3421, CVE-2014-3422, CVE-2014-3423, CVE-2014-3424...
MGASA-2014-0250 Updated emacs packages fix CVE-2014-3421-4
Updated emacs packages fix security vulnerabilities: Steve Kemp discovered multiple temporary file handling issues in Emacs. A local attacker could use these flaws to perform symbolic link attacks against users running Emacs CVE-2014-3421, CVE-2014-3422, CVE-2014-3423, CVE-2014-3424...
openSUSE 10 Security Update : emacs (emacs-5247)
Xemacs automatically loaded fast-lock files which allowed local attackers to execute arbitrary code as the user editing the associated files CVE-2008-2142. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...
[ MDVSA-2008:096 ] - Updated emacs packages fix vulnerability in vcdiff
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2008:096 http://www.mandriva.com/security/ Package : emacs Date : May 6, 2008 Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0 Problem Description: Steve Grubb found that the vcdiff script in Emacs...
DSA-671-1 xemacs21 - format string
Bulletin has no description...