Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.12 views

PT-2026-51456

Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.14.3 Description A specially crafted issue index pattern can cause a panic during rendering, leading to a denial of service. In the internal/markup/markup.go file, the RenderIssueIndexPattern function uses com.Expand t...

3.5CVSS5.9AI score0.00284EPSS
Exploits0References10
OSV
OSV
added 2026/03/19 5:46 p.m.1 views

GHSA-37G4-QQQV-7M99 Intake has a Command Injection via shell() Expansion in Parameter Defaults

Summary The shell syntax within parameter default values appears to be automatically expanded during the catalog parsing process. If a catalog contains a parameter default such as shell, the command may be executed when the catalog source is accessed. This means that if a user loads a malicious...

8.8CVSS6.1AI score0.00428EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/02/26 12:0 a.m.16 views

Amazon Linux 2 : emacs (ALAS-2025-2757)

The version of emacs installed on the remote host is prior to 27.2-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2757 advisory. In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted...

7.8CVSS8.1AI score0.00526EPSS
Exploits0References4
NVD
NVD
added 2024/11/27 3:15 p.m.26 views

CVE-2024-53920

In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. This unsafe expansion also occurs if a user chooses to...

7.8CVSS0.00526EPSS
Exploits0References7
AlpineLinux
AlpineLinux
added 2024/11/27 3:15 p.m.3 views

CVE-2024-53920

In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. This unsafe expansion also occurs if a user chooses to...

7.8CVSS8AI score0.00526EPSS
Exploits0References8
OSV
OSV
added 2024/11/27 3:15 p.m.17 views

CVE-2024-53920

In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. This unsafe expansion also occurs if a user chooses to...

7.8CVSS8.7AI score
Exploits0References7
Cvelist
Cvelist
added 2024/11/27 12:0 a.m.22 views

CVE-2024-53920

In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. This unsafe expansion also occurs if a user chooses to...

0.00526EPSS
Exploits0References6
Rows per page
Query Builder