emacs: Shell Injection Vulnerability in GNU Emacs via Custom "man" URI Scheme

A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect...

Important: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as...

Important: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

Linux Distros Unpatched Vulnerability : CVE-2010-1160

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file- save operation, which allows local user-assisted...

Linux Distros Unpatched Vulnerability : CVE-2010-2252

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote...

Linux Distros Unpatched Vulnerability : CVE-2009-5080

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 1 contrib/eqn2graph/eqn2graph.sh, 2 contrib/grap2graph/grap2graph.sh, and 3 contrib/pic2graph/pic2graph.sh scripts in GNU troff aka groff 1.21 and earlier d...

Linux Distros Unpatched Vulnerability : CVE-2010-4651

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a...

Linux Distros Unpatched Vulnerability : CVE-2010-1161

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership...

Linux Distros Unpatched Vulnerability : CVE-2010-0015

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nis/nssnis/nis-pwd.c in the GNU C Library aka glibc or libc6 2.7 and Embedded GLIBC EGLIBC 2.10.2 adds information from the passwd.adjunct.byname map to entries...

Linux Distros Unpatched Vulnerability : CVE-2009-5155

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the GNU C Library aka glibc or libc6 before 2.28, parseregexp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2011-1658

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ld.so in the GNU C Library aka glibc or libc6 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which mig...

Linux Distros Unpatched Vulnerability : CVE-2011-4355

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Project Debugger GDB before 7.5, when .debuggdbscripts is defined, automatically loads certain files from the current working directory, which allows local...

MGASA-2025-0084 Updated binutils packages fix security vulnerabilities

nm =2.43 is affected by: Incorrect Access Control. The type of exploitation is: local. The component is: nm --without-symbol-version function. CVE-2024-57360 GNU Binutils objdump.c disassemblebytes stack-based overflow. CVE-2025-0840...

Important: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Important: Red Hat Security Advisory: emacs security and bug fix update

An update for emacs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

RHEL 8 : emacs (RHSA-2025:1917)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1917 advisory. GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the...

Ubuntu: Security Advisory (USN-7306-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ALSA-2025:1915 Important: emacs security update

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: Shell Injection Vulnerability in GNU Emacs via Custom "man" URI Scheme CVE-2025-1244 For...

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent

Brocade Wget contains an improper input validation vulnerability. An attacker could exploit this via theuserinfosubcomponent of a URI to cause insecure behavior which could potentially cause improper authentication, exposure of sensitive information, or other serious data integrity issues...