GNU : Security Vulnerabilities, CVEs, Published In May 2014
lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file.
Max CVSS
3.3
EPSS Score
0.04%
Published
2014-05-08
Updated
2016-06-30
lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file.
Max CVSS
3.3
EPSS Score
0.04%
Published
2014-05-08
Updated
2016-06-30
lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.
Max CVSS
3.3
EPSS Score
0.04%
Published
2014-05-08
Updated
2016-06-30
lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file.
Max CVSS
3.3
EPSS Score
0.04%
Published
2014-05-08
Updated
2016-06-30
GNU Rush 1.7 does not properly drop privileges, which allows local users to read arbitrary files via the --lint option.
Max CVSS
4.9
EPSS Score
0.04%
Published
2014-05-08
Updated
2014-05-09
A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the password_pbkdf2 directive in the file.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-05-12
Updated
2024-01-16
6 vulnerabilities found