Filtered by vendor Vim
Subscriptions
Total
199 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-0318 | 4 Apple, Debian, Redhat and 1 more | 4 Macos, Debian Linux, Enterprise Linux and 1 more | 2024-11-15 | 9.8 Critical |
| Heap-based Buffer Overflow in vim/vim prior to 8.2. | ||||
| CVE-2023-2426 | 1 Vim | 1 Vim | 2024-10-15 | 5.5 Medium |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499. | ||||
| CVE-2023-3896 | 1 Vim | 1 Vim | 2024-10-10 | 7.8 High |
| Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3 | ||||
| CVE-2021-3236 | 1 Vim | 1 Vim | 2024-10-10 | 5.5 Medium |
| vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method. | ||||
| CVE-2024-45306 | 1 Vim | 1 Vim | 2024-10-04 | 4.5 Medium |
| Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the end of a line. Back then we assumed this loop is unnecessary. However, this change made it possible that the cursor position stays invalid and points beyond the end of a line, which would eventually cause a heap-buffer-overflow when trying to access the line pointer at the specified cursor position. It's not quite clear yet, what can lead to this situation that the cursor points to an invalid position. That's why patch v9.1.0707 does not include a test case. The only observed impact has been a program crash. This issue has been addressed in with the patch v9.1.0707. All users are advised to upgrade. | ||||
| CVE-2023-5441 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-09-19 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. | ||||
| CVE-2023-5535 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-09-17 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to v9.0.2010. | ||||
| CVE-2024-41957 | 1 Vim | 1 Vim | 2024-08-09 | 4.5 Medium |
| Vim is an open source command line text editor. Vim < v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will also be cleared and if that quickfix list points to the same tagstack data, Vim will try to free it again, resulting in a double-free/use-after-free access exception. Impact is low since the user must intentionally execute vim with several non-default flags, but it may cause a crash of Vim. The issue has been fixed as of Vim patch v9.1.0647 | ||||
| CVE-2019-20807 | 7 Apple, Canonical, Debian and 4 more | 8 Mac Os X, Ubuntu Linux, Debian Linux and 5 more | 2024-08-05 | 5.3 Medium |
| In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua). | ||||
| CVE-2019-20079 | 2 Canonical, Vim | 2 Ubuntu Linux, Vim | 2024-08-05 | 7.8 High |
| The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory. | ||||
| CVE-2019-12735 | 3 Neovim, Redhat, Vim | 4 Neovim, Enterprise Linux, Rhel Eus and 1 more | 2024-08-04 | 5.3 Medium |
| getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim. | ||||
| CVE-2020-20703 | 1 Vim | 1 Vim | 2024-08-04 | 9.8 Critical |
| Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter. | ||||
| CVE-2021-4019 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2024-08-03 | 7.8 High |
| vim is vulnerable to Heap-based Buffer Overflow | ||||
| CVE-2021-4166 | 7 Apple, Debian, Fedoraproject and 4 more | 8 Mac Os X, Macos, Debian Linux and 5 more | 2024-08-03 | 7.1 High |
| vim is vulnerable to Out-of-bounds Read | ||||
| CVE-2021-4173 | 3 Apple, Fedoraproject, Vim | 4 Mac Os X, Macos, Fedora and 1 more | 2024-08-03 | 7.8 High |
| vim is vulnerable to Use After Free | ||||
| CVE-2021-4193 | 5 Apple, Debian, Fedoraproject and 2 more | 6 Mac Os X, Macos, Debian Linux and 3 more | 2024-08-03 | 5.5 Medium |
| vim is vulnerable to Out-of-bounds Read | ||||
| CVE-2021-4192 | 5 Apple, Debian, Fedoraproject and 2 more | 6 Mac Os X, Macos, Debian Linux and 3 more | 2024-08-03 | 7.8 High |
| vim is vulnerable to Use After Free | ||||
| CVE-2021-4136 | 3 Apple, Fedoraproject, Vim | 4 Mac Os X, Macos, Fedora and 1 more | 2024-08-03 | 7.8 High |
| vim is vulnerable to Heap-based Buffer Overflow | ||||
| CVE-2021-4187 | 3 Apple, Fedoraproject, Vim | 4 Mac Os X, Macos, Fedora and 1 more | 2024-08-03 | 7.8 High |
| vim is vulnerable to Use After Free | ||||
| CVE-2021-4069 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2024-08-03 | 7.8 High |
| vim is vulnerable to Use After Free | ||||