NewStart CGSL MAIN 6.06 : vim Vulnerability (NS-SA-2025-0217)

The remote NewStart CGSL host, running version MAIN 6.06, has vim packages installed that are affected by a vulnerability: - getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by...

Ubuntu 18.04 ESM : Neovim vulnerability (USN-4862-1)

The remote Ubuntu 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4862-1 advisory. It was discovered that Neovim incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

F5 Networks BIG-IP : Vim/Neovim vulnerability (K93144355)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1.3. It is, therefore, affected by a vulnerability as referenced in the K93144355 advisory. getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands vi...

K93144355: Vim/Neovim vulnerability CVE-2019-12735

Security Advisory Description getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assertfails or nviminput in Neovim. CVE-2019-12735 Impact This vulnerabili...

Virtuozzo 6 : vim-X11 / vim-common / vim-enhanced / etc (VZLSA-2019-1774)

An update for vim is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

CVE-2019-12735 affecting package vim 8.1.0388-7

CVE-2019-12735 affecting package vim 8.1.0388-7. A patched version of the package is available...

NewStart CGSL MAIN 4.05 : vim Vulnerability (NS-SA-2020-0020)

The remote NewStart CGSL host, running version MAIN 4.05, has vim packages installed that are affected by a vulnerability: - getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by...

Updated vim and neovim packages fix security vulnerability

Updated vim and neovim package fixes security vulnerability: It was discovered that Vim before 8.1.1365 and Neovim before 0.3.6 did not restrict the :source! command when executed in a sandbox. This allows remote attackers to take advantage of the modeline feature to inject arbitrary commands whe...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2019-1699)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2019-1690)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2019-1753)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2019-1766)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2019-1997)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-12735

It was found that the :source! command was not restricted by the sandbox mode. If modeline was explicitly enabled, opening a specially crafted text file in vim could result in arbitrary command execution. Mitigation The vulnerability can be triggered only if modeline is enabled. You can check...

EulerOS 2.0 SP3 : vim (EulerOS-SA-2019-1997)

According to the version of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that the :source! command was not restricted by the sandbox mode. If modeline was explicitly enabled, opening a specially crafted text fi...

NewStart CGSL MAIN 4.06 : vim Vulnerability (NS-SA-2019-0177)

The remote NewStart CGSL host, running version MAIN 4.06, has vim packages installed that are affected by a vulnerability: - getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by...

Security Bulletin: Remote Execution Vulnerability Affects Red Hat Linux Used By IBM WebSphere Application Server for IBM Cloud Private VM Quickstarter (CVE-2019-12735)

Summary There is a security vulnerability that affects Red Hat Linux used by IBM WebSphere Application Server in the IBM Cloud. Vulnerability Details Relevant CVE Information: CVEID: CVE-2019-12735 DESCRIPTION: Vim and and Neovim could allow a remote attacker to execute arbitrary commands on the...

NewStart CGSL CORE 5.05 / MAIN 5.05 : vim Vulnerability (NS-SA-2019-0164)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has vim packages installed that are affected by a vulnerability: - It was found that the :source! command was not restricted by the sandbox mode. If modeline was explicitly enabled, opening a specially crafted text file in vim...

RHEL 7 : vim (RHSA-2019:1947)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1947 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim/neovim: ':source!' command allows arbitrary command executio...

Security Bulletin: Remote Execution Vulnerability Affects Red Hat Linux Used By IBM WebSphere Application Server in IBM Cloud (CVE-2019-12735)

Summary There is a security vulnerability that affects Red Hat Linux used by IBM WebSphere Application Server in the IBM Cloud. Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute i...