PackageKit authorization issue vulnerability

PackageKit is an open-source system for installing and updating software. Versions of PackageKit 1.3.5 and earlier have a licensing issue vulnerability. This vulnerability stems from incorrect handling of the parameter ‘frontend-socket’ in the function gfiletest within the API component file...

EUVD-2025-199723

Tinyproxy through 1.11.2 contains an integer overflow vulnerability in the stripreturnport function within src/reqs.c...

EUVD-2025-24007

Malicious code in bioql PyPI...

CVE-2025-8734

GNU Bison up to 3.8.2 contains a vulnerability in function code_free (src/scan-code.c) that can cause a double free. Exploitation appears to be locally actionable; the exploit has been disclosed, but the actual existence of this issue is disputed as reproductions from a GNU Bison 3.8.2 tarball in...

Slackware Linux 15.0 / current emacs Vulnerability (SSA:2024-084-01)

The version of emacs installed on the remote host is prior to 29.3. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-084-01 advisory. - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because...

EulerOS Virtualization 3.0.6.0 : emacs (EulerOS-SA-2023-2237)

According to the versions of the emacs packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because...

AlmaLinux 8 : emacs (ALSA-2023:3042)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3042 advisory. - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C...

EulerOS Virtualization 2.10.1 : emacs (EulerOS-SA-2023-1887)

According to the versions of the emacs package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because...

Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2023-1669)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-23259

An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the JsiStrlen function in the src/jsiChar.c file...

Command Injection

emacs is vulnerable to Command Injection. An attacker can inject and execute malicious commands via shell metacharacters in the name of a source-code file because etags.c uses the system C library function to implement the etags program...

CVE-2022-48337

A flaw was found in the Emacs package. This flaw allows attackers to execute commands via shell metacharacters in the name of a source-code file...

CVE-2022-48337

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u " command suggested in the eta...

CVE-2022-48337

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u " command suggested in the eta...

CVE-2022-48337

CVE-2022-48337 affects GNU Emacs up to 28.2. The issue arises from the etags implementation in lib-src/etags.c, which uses the system C library function and does not sanitize input, enabling command execution via shell metacharacters in source-file names (for example, using etags -u * in a direct...

EulerOS 2.0 SP10 : emacs (EulerOS-SA-2023-1382)

According to the versions of the emacs package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c us...

MGASA-2022-0457 Updated emacs packages fix security vulnerability

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags " command suggested in the ctags...

Updated emacs packages fix security vulnerability

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags " command suggested in the ctags...

CVE-2022-45939

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags " command suggested in the ctags...

emacs -- arbitary shell command execution vulnerability of ctags

lu4nx reports: GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags " command suggeste...