Path traversal issues in Vim's tar.vim and zip.vim plugins
CVE-2025-53905 Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction...
Advisory ROSA-SA-2026-3204
Software: vim 8.0.1763; OS: ROSA Virtualization 2.1; unaffected versions: vim-8.0.1763-21.0.1.rv3; affected versions: vim-8.0.1763-21.0.0.1.rv3; CVE-ID: CVE-2025-53905; BDU-ID: 2025-11730; CVE-Crit: MEDIUM; CVE-DESC.: A vulnerability in the vim text editor is related to an incorrect restriction of the...
Advisory ROSA-SA-2026-3186
Software: vim 8.0.1763; OS: ROSA Virtualization 3.0; unaffected versions: vim-8.0.1763-21.0.1.1.rv30; affected versions: vim-8.0.1763-21.0.0.1.rv30; CVE-ID: CVE-2025-53905; BDU-ID: 2025-11730; CVE-Crit: MEDIUM; CVE-DESC.: A vulnerability in the vim text editor is related to an incorrect restriction of t...
Photon OS 4.0: Vim PHSA-2025-4.0-0934
An update of the vim package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0934. The text itself is copyright (C) VMware, Inc...
MiracleLinux 9 : vim-8.2.2637-22.el9_6.1 (AXSA:2025-10959:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10959:02 advisory. vim: Vim path traversal (CVE-2025-53906); vim: Vim path traversal (CVE-2025-53905). Tenable has extracted the preceding description block directly from...
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2025-2568)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
EulerOS Virtualization 2.13.0 : vim (EulerOS-SA-2025-2603)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim's tar.vim plugin can allow...
EulerOS Virtualization 2.13.1 : vim (EulerOS-SA-2025-2568)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim's tar.vim plugin can allow...
Oracle Linux 9 : vim (ELSA-2025-20945)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20945 advisory. - RHEL-112005 CVE-2025-53905 vim: Vim path traversal. Tenable has extracted the preceding description block directly from the Oracle Linux security...
vim security update
8.2.2637-23.0.1 - Remove upstream references Orabug: 31197557 2:8.2.2637-23 - RHEL-112005 CVE-2025-53905 vim: Vim path traversal - RHEL-112009 CVE-2025-53906 vim: Vim path traversal...
AlmaLinux 9 : vim (ALSA-2025:20945)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:20945 advisory. vim: Vim path traversal (CVE-2025-53906); vim: Vim path traversal (CVE-2025-53905). Tenable has extracted the preceding description block directly from the...
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2025-2404)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Moderate: Red Hat Security Advisory: vim security update
An update for vim is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
EUVD-2025-53905
Malicious code in hushed-gold-tarantula npm...
RHEL 9 : vim (RHSA-2025:20945)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:20945 advisory. Vim (Vi IMproved) is an updated and improved version of the vi editor. Security Fixes: vim: Vim path traversal (CVE-2025-53906); vim: Vim path...
ALSA-2025:20945 Moderate: vim security update
Vim (Vi IMproved) is an updated and improved version of the vi editor. Security Fixes: vim: Vim path traversal (CVE-2025-53906); vim: Vim path traversal (CVE-2025-53905). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer...
RLSA-2025:17913 Moderate: vim security update
Vim (Vi IMproved) is an updated and improved version of the vi editor. Security Fixes: vim: Vim path traversal (CVE-2025-53906); vim: Vim path traversal (CVE-2025-53905). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer...
vim security update
An update is available for vim. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Vim (Vi IMproved) is an updated and improved version of the vi editor. Security...
RockyLinux 10 : vim (RLSA-2025:17913)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:17913 advisory. vim: Vim path traversal (CVE-2025-53906); vim: Vim path traversal (CVE-2025-53905). Tenable has extracted the preceding description block directly from the...
TencentOS Server 3: vim (TSSA-2025:0778)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0778 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...