Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

212 matches found

Oracle linux
Oracle linuxadded 2007/06/26 12:0 a.m.40 views

Moderate: vim security update

7.0.109-3.3 - use gzip -9n to avoid multilib fileconflicts 7.0.109-3.2 - Let 'modeline' default to off for root - Resolves: bz238259 7.0.109-3.1 - fix modeline issues - Resolves: bz238259...

7.6CVSS2AI score0.03221EPSS
Exploits1
securityvulns
securityvulnsadded 2007/05/12 12:0 a.m.40 views

vim sandbox protection bypass

Potentially dangerous functions are allowed in modeline processing...

7.6CVSS4.7AI score0.03221EPSS
Exploits1References1Affected Software1
securityvulns
securityvulnsadded 2007/05/12 12:0 a.m.59 views

[ MDKSA-2007:101 ] - Updated vim packages fix vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2007:101 http://www.mandriva.com/security/ Package : vim Date : May 9, 2007 Affected: 2007.0, 2007.1 Problem Description: A vulnerability in vim 7.0's modeline processing capabilities was discovered where a user...

7.6CVSS9.3AI score0.03221EPSS
Exploits1
Tenable Nessus
Tenable Nessusadded 2007/05/10 12:0 a.m.26 views

Mandrake Linux Security Advisory : vim (MDKSA-2007:101)

A vulnerability in vim 7.0's modeline processing capabilities was discovered where a user with modelines enabled could open a text file containing a carefully crafted modeline, executing arbitrary commands as the user running vim. Updated packages have been patched to prevent this issue...

7.6CVSS8.3AI score0.03221EPSS
Exploits1References1
Tenable Nessus
Tenable Nessusadded 2006/07/05 12:0 a.m.27 views

CentOS 3 / 4 : vim (CESA-2005:745)

Updated vim packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. VIM VIsual editor iMproved is a version of the vi editor. A bug was found in the way VIM processes modelines. If a user with modelines...

9.3CVSS5.2AI score0.02726EPSS
Exploits1References7
Tenable Nessus
Tenable Nessusadded 2006/01/15 12:0 a.m.28 views

Ubuntu 4.10 / 5.04 : vim vulnerability (USN-154-1)

Georgi Guninski discovered that it was possible to construct Vim modelines that execute arbitrary shell commands by wrapping them in glob or expand function calls. If an attacker tricked an user to open a file with a specially crafted modeline, he could exploit this to execute arbitrary commands...

5.9AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2006/01/15 12:0 a.m.21 views

Ubuntu 4.10 : vim vulnerability (USN-52-1)

Ciaran McCreesh found several vulnerabilities related to the use of options in Vim modeline commands, such as 'termcap', 'printdevice', 'titleold', 'filetype', 'syntax', 'backupext', 'keymap', 'patchmode', and 'langmenu'. If an attacker tricked an user to open a file with a specially crafted...

7.2CVSS5.9AI score0.0041EPSS
Exploits0References1
OSV
OSVadded 2005/09/08 12:0 a.m.5 views

DTSA-12-1 vim - modeline exploits

Bulletin has no description...

9.3CVSS6.3AI score0.02726EPSS
Exploits1
Cent OS
Cent OSadded 2005/08/22 11:25 p.m.51 views

vim security update

CentOS Errata and Security Advisory CESA-2005:745-01 Updated vim packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. VIM VIsual editor iMproved is a version of the vi editor. A bug was found in the w...

9.3CVSS5.7AI score0.02726EPSS
Exploits1References8
RedHat Linux
RedHat Linuxadded 2005/08/22 2:12 p.m.28 views

Low: Red Hat Security Advisory: vim security update

Updated vim packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. VIM VIsual editor iMproved is a version of the vi editor. A bug was found in the way VIM processes modelines. If a user with modelines...

9.3CVSS5.7AI score0.02726EPSS
Exploits1References3
Tenable Nessus
Tenable Nessusadded 2005/08/01 12:0 a.m.20 views

FreeBSD : vim -- vulnerabilities in modeline handling: glob, expand (81f127a8-0038-11da-86bc-000e0c2e438a)

Georgi Guninski discovered a way to construct Vim modelines that execute arbitrary shell commands. The vulnerability can be exploited by including shell commands in modelines that call the glob or expand functions. An attacker could trick an user to read or edit a trojaned file with modelines...

9.3CVSS5.9AI score0.02726EPSS
Exploits1References3
Ubuntu
Ubuntuadded 2005/07/26 10:42 p.m.26 views

USN-154-1: vim vulnerability

Georgi Guninski discovered that it was possible to construct Vim modelines that execute arbitrary shell commands by wrapping them in glob or expand function calls. If an attacker tricked an user to open a file with a specially crafted modeline, he could exploit this to execute arbitrary commands...

5.8AI score
Exploits0References1
FreeBSD
FreeBSDadded 2005/07/25 12:0 a.m.20 views

vim -- vulnerabilities in modeline handling: glob, expand

Georgi Guninski discovered a way to construct Vim modelines that execute arbitrary shell commands. The vulnerability can be exploited by including shell commands in modelines that call the glob or expand functions. An attacker could trick an user to read or edit a trojaned file with modelines...

9.3CVSS7AI score0.02726EPSS
Exploits1References1
Tenable Nessus
Tenable Nessusadded 2005/07/13 12:0 a.m.20 views

FreeBSD : vim -- vulnerabilities in modeline handling (bd9fc2bf-5ffe-11d9-a11a-000a95bc6fae)

Ciaran McCreesh discovered news ways in which a VIM modeline can be used to trojan a text file. The patch by Bram Moolenaar reads : Problem: Unusual characters in an option value may cause unexpected behavior, especially for a modeline. Ciaran McCreesh Solution: Don't allow setting termcap option...

7.2CVSS5.3AI score0.0041EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2005/02/15 9:36 a.m.2 views

security flaw

VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as 1 termcap, 2 printdevice, 3 titleold, 4 filetype, 5 syntax, 6 backupext, 7 keymap, 8 patchmode, or 9 langmenu...

7.2CVSS6AI score0.0041EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2005/02/15 9:36 a.m.32 views

Low: Red Hat Security Advisory: vim security update

Updated vim packages that fix security vulnerabilities are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. VIM Vi IMproved is an updated and improved version of the vi screen-based editor. Ciaran McCrees...

7.2CVSS6AI score0.0041EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2005/01/10 5:0 a.m.20 views

CVE-2004-1138

VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as 1 termcap, 2 printdevice, 3 titleold, 4 filetype, 5 syntax, 6 backupext, 7 keymap, 8 patchmode, or 9 langmenu...

7.2CVSS6AI score0.0041EPSS
Exploits0References2
OSV
OSVadded 2005/01/10 5:0 a.m.2 views

CVE-2004-1138

VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as 1 termcap, 2 printdevice, 3 titleold, 4 filetype, 5 syntax, 6 backupext, 7 keymap, 8 patchmode, or 9 langmenu...

6.9AI score
Exploits0References8
OSV
OSVadded 2005/01/10 5:0 a.m.1 views

DEBIAN-CVE-2004-1138

VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as 1 termcap, 2 printdevice, 3 titleold, 4 filetype, 5 syntax, 6 backupext, 7 keymap, 8 patchmode, or 9 langmenu...

7.2CVSS7.2AI score0.0041EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2005/01/07 12:0 a.m.19 views

Mandrake Linux Security Advisory : vim (MDKSA-2005:003)

Several 'modeline'-related vulnerabilities were discovered in Vim by Ciaran McCreesh. The updated packages have been patched with Bram Moolenaar's vim 6.3.045 patch which fixes the reported vulnerabilities and adds more conservative 'modeline' rights. %NASLMINLEVEL 70300 C Tenable Network Securit...

7.2CVSS5.3AI score0.0041EPSS
Exploits0References1
Rows per page
Query Builder