Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Gnu Subscribe
Filtered by product Emacs
Total 28 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-3479 1 Gnu 1 Emacs 2013-12-12 6.8 MEDIUM N/A
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file.
CVE-2012-1103 2 Gnu, Notmuchmail 2 Emacs, Notmuch 2012-09-25 4.3 MEDIUM N/A
emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to the message.
CVE-2003-1232 1 Gnu 1 Emacs 2011-03-07 5.1 MEDIUM N/A
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable.
CVE-2000-0269 1 Gnu 1 Emacs 2008-09-10 2.1 LOW N/A
Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess.
CVE-2000-0271 1 Gnu 1 Emacs 2008-09-10 4.6 MEDIUM N/A
read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords.
CVE-2000-0270 1 Gnu 1 Emacs 2008-09-10 3.6 LOW N/A
The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack.
CVE-2007-2833 3 Debian, Gnu, Mandrakesoft 4 Debian Linux, Emacs, Mandrake Linux and 1 more 2008-09-05 7.8 HIGH N/A
Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation.
CVE-2001-1301 2 Gnu, Xemacs 2 Emacs, Xemacs 2008-09-05 1.2 LOW N/A
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file.