GNU : Security Vulnerabilities, CVEs, Published In 2012 CVSS score >= 6
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file.
Max CVSS
6.8
EPSS Score
1.31%
Published
2012-08-25
Updated
2013-12-13
Double free vulnerability in libgnutls in GnuTLS before 3.0.14 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted certificate list.
Max CVSS
7.5
EPSS Score
2.15%
Published
2012-03-13
Updated
2017-08-29
Integer overflow in the GnashImage::size method in libbase/GnashImage.h in GNU Gnash 0.8.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SWF file, which triggers a heap-based buffer overflow.
Max CVSS
6.8
EPSS Score
3.42%
Published
2012-08-26
Updated
2012-08-27
Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file.
Max CVSS
9.3
EPSS Score
0.15%
Published
2012-01-19
Updated
2018-12-07
4 vulnerabilities found