Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

11 – 18 of 18 results


CVE-2014-9483

Negligible priority
Not affected

Emacs 24.4 allows remote attackers to bypass security restrictions.

3 affected packages

emacs23, emacs24, emacs25

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
emacs23 Not in release Not in release
emacs24 Not in release Not affected
emacs25 Not affected Not in release
Show less packages

CVE-2014-3424

Medium priority
Ignored

lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file.

7 affected packages

emacs-snapshot, emacs22, emacs23, emacs24, emacs25...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
emacs-snapshot Not in release Not in release
emacs22 Not in release Not in release
emacs23 Not in release Not in release
emacs24 Not in release Not affected
emacs25 Not affected Not in release
xemacs21 Not affected Not affected
xemacs21-packages Not affected Not affected
Show all 7 packages Show less packages

CVE-2014-3423

Negligible priority
Ignored

lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file.

7 affected packages

emacs-snapshot, emacs22, emacs23, emacs24, emacs25...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
emacs-snapshot Not in release Not in release
emacs22 Not in release Not in release
emacs23 Not in release Not in release
emacs24 Not in release Not affected
emacs25 Not affected Not in release
xemacs21 Not affected Not affected
xemacs21-packages Not affected Not affected
Show all 7 packages Show less packages

CVE-2014-3422

Medium priority
Ignored

lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.

7 affected packages

emacs-snapshot, emacs22, emacs23, emacs24, emacs25...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
emacs-snapshot Not in release Not in release
emacs22 Not in release Not in release
emacs23 Not in release Not in release
emacs24 Not in release Not affected
emacs25 Not affected Not in release
xemacs21 Not affected Not affected
xemacs21-packages Not affected Not affected
Show all 7 packages Show less packages

CVE-2014-3421

Medium priority
Vulnerable

lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file.

7 affected packages

emacs-snapshot, emacs22, emacs23, emacs24, emacs25...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
emacs-snapshot Not in release Not in release Not in release Not in release Not in release
emacs22 Not in release Not in release Not in release Not in release Not in release
emacs23 Not in release Not in release Not in release Not in release Not in release
emacs24 Not in release Not in release Not in release Not in release Not affected
emacs25 Not in release Not in release Not in release Not affected Not in release
xemacs21 Not affected Not affected Not affected Not affected Not affected
xemacs21-packages Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show all 7 packages Show less packages

CVE-2012-3479

Medium priority

Some fixes available 8 of 15

lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute...

6 affected packages

emacs-snapshot, emacs21, emacs22, emacs23, emacs24, xemacs21

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
emacs-snapshot
emacs21
emacs22
emacs23
emacs24
xemacs21
Show less packages

CVE-2012-0035

Low priority

Some fixes available 2 of 7

Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or...

3 affected packages

cedet, emacs22, emacs23

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cedet
emacs22
emacs23
Show less packages

CVE-2010-0825

Medium priority

Some fixes available 15 of 25

lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.

4 affected packages

emacs21, emacs22, emacs23, xemacs21

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
emacs21
emacs22
emacs23
xemacs21
Show less packages