Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Tenable Nessus
Tenable Nessusadded 2024/10/09 12:0 a.m.29 views

EulerOS 2.0 SP11 : emacs (EulerOS-SA-2024-2552)

According to the versions of the emacs package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In Emacs before 29.3, Gnus treats inline MIME contents as trusted.CVE-2024-30203 In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands ...

9.8CVSS6.9AI score0.00441EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2024/06/24 1:53 p.m.42 views

CVE-2024-39331

A flaw was found in Emacs. Arbitrary shell commands can be executed without prompting when an Org mode file is opened or when the Org mode is enabled, when Emacs is used as an email client, this issue can be triggered when previewing email attachments. Mitigation Do not open Org mode files or...

7.8CVSS6.2AI score0.00441EPSS
Exploits0References4
NVD
NVDadded 2024/06/23 10:15 p.m.22 views

CVE-2024-39331

In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %... link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5...

9.8CVSS0.00441EPSS
Exploits0References9
OSV
OSVadded 2024/06/23 10:15 p.m.18 views

CVE-2024-39331

In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %... link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5...

9.8CVSS6.5AI score
Exploits0References9
Vulnrichment
Vulnrichmentadded 2024/06/23 12:0 a.m.23 views

CVE-2024-39331

In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %... link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5...

6.7AI score0.00441EPSS
Exploits0References9
Debian CVE
Debian CVEadded 2024/06/23 12:0 a.m.20 views

CVE-2024-39331

In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %... link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5...

9.8CVSS7.2AI score0.00441EPSS
Exploits0
Veracode
Veracodeadded 2023/03/11 7:21 p.m.24 views

Command Injection

emacs is vulnerable to Command Injection. The vulnerability exists due to the feature-name parameter in the ruby-find-library-file function and bound to C-c C-f. functions are not properly escaped, allowing an attacker to inject and execute malicious commands by calling through...

7.3CVSS8.5AI score0.00142EPSS
Exploits0References7Affected Software1
UbuntuCve
UbuntuCveadded 2023/02/20 11:15 p.m.22 views

CVE-2022-48338

An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The ruby-find-library-file function is an interactive function, and bound to C-c C-f. Inside the function, the external command gem is called throug...

7.3CVSS7AI score0.00142EPSS
Exploits0References2
Rows per page
Query Builder