It was discovered that Neovim incorrectly handled certain files. An attacker
could possibly use this issue to cause a denial of service or execute arbitrary code.

References

ubuntu.com/security/CVE-2019-12735

ubuntu.com/security/notices/USN-4862-1

suse 6

threatpost 1

nessus 45

osv 4

openvas 23

debiancve 1

mageia 1

alpinelinux 1

prion 1

oraclelinux 2

fedora 2

f5 1

githubexploit 3

zdt 1

ubuntucve 1

amazon 2

veracode 1

debian 4

redhat 4

cve 1

archlinux 2

ubuntu 3

ibm 4

thn 1

altlinux 1

freebsd 1

cbl_mariner 1

redhatcve 1

gentoo 1

centos 2

cloudfoundry 1

photon 6

exploitpack 1

exploitdb 1

suse

Security update for vim (important)

2019-06-17 00:00:00

Security update for neovim (important)

2019-07-21 00:00:00

Security update for neovim (important)

2019-08-24 00:00:00

threatpost

Linux Command-Line Editors Vulnerable to High-Severity Bug

2019-06-11 16:00:29

nessus

RHEL 6 : vim (RHSA-2019:1774)

2019-07-16 00:00:00

Oracle Linux 7 / 8 : vim (ELSA-2019-1619)

2019-06-28 00:00:00

Amazon Linux 2 : vim (ALAS-2019-1239)

2019-08-12 00:00:00

osv

CVE-2019-12735

2019-06-05 14:29:11

neovim - security update

2019-07-23 00:00:00

vim - security update

2019-06-18 00:00:00

openvas

SUSE: Security Advisory (SUSE-SU-2019:1456-1)

2021-04-19 00:00:00

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2019-1690)

2020-01-23 00:00:00

openSUSE: Security Advisory for neovim (openSUSE-SU-2019:1551-1)

2019-06-14 00:00:00

debiancve

CVE-2019-12735

2019-06-05 14:29:00

mageia

Updated vim and neovim packages fix security vulnerability

2020-02-13 13:49:00

alpinelinux

CVE-2019-12735

2019-06-05 14:29:00

prion

Command injection

2019-06-05 14:29:00

oraclelinux

vim security update

2019-07-18 00:00:00

vim security update

2019-07-18 00:00:00

fedora

[SECURITY] Fedora 30 Update: vim-8.1.1471-1.fc30

2019-06-08 00:59:20

[SECURITY] Fedora 29 Update: vim-8.1.1471-1.fc29

2019-06-13 01:39:09

K93144355 : Vim/Neovim vulnerability CVE-2019-12735

2019-06-24 00:00:00

githubexploit

Exploit for OS Command Injection in Vim

2021-05-20 07:18:49

Exploit for OS Command Injection in Vim

2019-06-18 16:59:39

Exploit for OS Command Injection in Vim

2019-06-06 06:00:06

zdt

Vim < 8.1.1365 / Neovim < 0.3.6 - Arbitrary Code Execution Vulnerability

2019-06-07 00:00:00

ubuntucve

CVE-2019-12735

2019-06-05 00:00:00

amazon

Important: vim

2019-07-17 23:30:00

Important: vim

2019-08-07 23:39:00

veracode

OS Command Injection

2019-07-01 00:17:05

debian

[SECURITY] [DSA 4467-2] vim regression update

2019-06-23 20:57:01

[SECURITY] [DSA 4467-1] vim security update

2019-06-18 21:27:05

[SECURITY] [DSA 4487-1] neovim security update

2019-07-23 21:15:37

redhat

(RHSA-2019:1947) Important: vim security update

2019-07-30 08:23:16

(RHSA-2019:1793) Important: vim security update

2019-07-16 11:51:07

(RHSA-2019:1774) Important: vim security update

2019-07-15 12:07:57

cve

CVE-2019-12735

2019-06-05 14:29:00

archlinux

[ASA-201906-8] vim: arbitrary code execution

2019-06-11 00:00:00

[ASA-201906-9] gvim: arbitrary code execution

2019-06-11 00:00:00

ubuntu

Neovim vulnerability

2021-03-15 00:00:00

Neovim vulnerability

2019-06-11 00:00:00

Vim vulnerabilities

2019-06-11 00:00:00

ibm

Security Bulletin: Remote Execution Vulnerability Affects Red Hat Linux Used By IBM WebSphere Application Server in IBM Cloud (CVE-2019-12735)

2019-07-31 19:44:23

Security Bulletin: Remote Execution Vulnerability Affects Red Hat Linux Used By IBM WebSphere Application Server for IBM Cloud Private VM Quickstarter (CVE-2019-12735)

2019-08-22 19:09:52

Security Bulletin: IBM QRadar SIEM Application Framework v1 (CentOS6) is End of Life

2021-12-14 20:35:00

thn

Your Linux Can Get Hacked Just by Opening a File in Vim or Neovim Editor

2019-06-10 18:26:00

altlinux

Security fix for the ALT Linux 9 package vim version 4:8.1.1517-alt1

2019-06-11 00:00:00

freebsd

Vim/NeoVim -- Security vulnerability

2019-05-22 00:00:00

cbl_mariner

CVE-2019-12735 affecting package vim 8.1.0388-7

2020-11-05 04:21:26

redhatcve

CVE-2019-12735

2019-10-09 05:57:30

gentoo

Vim, gVim: Remote execution of arbitrary code

2020-03-12 00:00:00

centos

vim security update

2019-07-01 15:55:11

vim security update

2019-07-17 16:41:16

cloudfoundry

USN-4016-1: Vim vulnerabilities | Cloud Foundry

2019-06-18 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0162

2019-06-11 00:00:00

Important Photon OS Security Update - PHSA-2019-0027

2019-09-03 00:00:00

Important Photon OS Security Update - PHSA-2019-3.0-0027

2019-09-03 00:00:00

exploitpack

Vim 8.1.1365 Neovim 0.3.6 - Arbitrary Code Execution

2019-06-04 00:00:00

exploitdb

Vim < 8.1.1365 / Neovim < 0.3.6 - Arbitrary Code Execution

2019-06-04 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

8.6 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

69.0%

JSON

Related for OSV:USN-4862-1