MiracleLinux 9 : emacs-27.2-14.el9_6.2 (AXSA:2025-10583:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10583:05 advisory. emacs: arbitrary code execution via Lisp macro expansion CVE-2024-53920 Tenable has extracted the preceding description block directly from the MiracleLinux...

CVE-2024-4706

The WordPress + Microsoft Office 365 / Azure AD | LOGIN plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pintra' shortcode in all versions up to, and including, 27.2 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

emacs security update

1:27.2-10 - Disable xwidgets RHEL-14551 - org-file-contents: Consider all remote files unsafe CVE-2024-30205 - Make Gnus treats inline MIME contents as untrusted CVE-2024-30203 - Add protection for LaTeX preview CVE-2024-30204 - org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code...

WordPress WPO365 Plugin <= 27.2 is vulnerable to Cross Site Scripting (XSS)

Software WPO365 Type Plugin Vulnerable versions = 27.2 Fixed in 28.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4706 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c55d5d3f53f2 Credits stealthcopter Required privilege...

WordPress plugin Microsoft Office 365 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin...

emacs security update

1:27.2-8.1 - Fix etags local command injection vulnerability 2184369 - Fix htmlfontify.el command injection vulnerability 2184368 - Fix ruby-mode.el local command injection vulnerability 2184367 - Fix ob-latex.el command injection vulnerability 2184377 1:27.2-8 - Use a 64KB page size for pdump...

Amazon Linux 2 : emacs (ALAS-2023-1981)

The version of emacs installed on the remote host is prior to 27.2-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1981 advisory. GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, becau...

PT-2022-18696 · Pexip · Pexip Infinity

Name of the Vulnerable Software and Affected Versions: Pexip Infinity versions 27.0 through 27.2 Description: The issue allows remote attackers to trigger a software abort via HTTP. Recommendations: For versions 27.0 through 27.2, update to version 27.3 or later to resolve the issue...