Lucene search
K

248 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/06 12:0 a.m.7 views

RHEL 9 : vim (RHSA-2026:6619)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6619 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Arbitrary code execution via 'helpfile' optio...

7.8CVSS6.4AI score0.01162EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2026/04/03 12:0 a.m.8 views

RHEL 9 : vim (RHSA-2026:6540)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6540 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Arbitrary code execution via 'helpfile' optio...

7.8CVSS6.4AI score0.01162EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2026/04/03 12:0 a.m.8 views

RHEL 10 : vim (RHSA-2026:6502)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6502 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Arbitrary code execution via 'helpfile' opti...

7.8CVSS6.4AI score0.01162EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/04/02 10:31 p.m.4 views

vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin

A flaw was found in Vim, an open-source command-line text editor. Specifically, an operating system OS command injection vulnerability exists in the netrw standard plugin. A remote attacker could exploit this by tricking a user into opening a specially crafted URL, such as one using the scp://...

7.8CVSS6.1AI score0.01162EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/02 10:8 p.m.6 views

vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin

A flaw was found in Vim, an open-source command-line text editor. Specifically, an operating system OS command injection vulnerability exists in the netrw standard plugin. A remote attacker could exploit this by tricking a user into opening a specially crafted URL, such as one using the scp://...

7.8CVSS6.1AI score0.01162EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/02 4:54 p.m.3 views

vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin

A flaw was found in Vim, an open-source command-line text editor. Specifically, an operating system OS command injection vulnerability exists in the netrw standard plugin. A remote attacker could exploit this by tricking a user into opening a specially crafted URL, such as one using the scp://...

7.8CVSS6.1AI score0.01162EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/02 4:54 p.m.7 views

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

7.8CVSS6.3AI score0.01162EPSS
Exploits1References5
OPENSUSE Linux
OPENSUSE Linux
added 2026/03/28 12:0 a.m.7 views

Security update for vim (important)

openSUSE security update: security update for vim ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20403-1 Rating: important References: bsc1246602 bsc1258229 bsc1259051 Cross-References: CVE-2025-53906 CVE-2026-26269 CVE-2026-28417 CVSS scores:...

5.4CVSS7AI score0.01162EPSS
Exploits1References3
CloudLinux
CloudLinux
added 2026/03/27 12:33 p.m.8 views

vim: Fix of 2 CVEs

CVE-2026-28417: fix OS command injection in netrw plugin when handling specially crafted URLs such as scp:// - CVE-2026-28421: fix heap-buffer-overflow and crash when recovering from a maliciously crafted Vim swap file...

7.8CVSS5.8AI score0.01162EPSS
Exploits0
OSV
OSV
added 2026/03/27 12:33 p.m.9 views

CLSA-2026-1774432816 vim: Fix of 2 CVEs

CVE-2026-28417: fix OS command injection in netrw plugin when handling specially crafted URLs such as scp:// - CVE-2026-28421: fix heap-buffer-overflow and crash when recovering from a maliciously crafted Vim swap file...

7.8CVSS7.1AI score0.01162EPSS
Exploits0References1
OSV
OSV
added 2026/03/27 12:31 p.m.6 views

CLSA-2026-1774525825 vim: Fix of 2 CVEs

CVE-2026-28417: fix OS command injection in netrw plugin via crafted scp:// URIs by adding strict RFC1123 hostname validation and using shellescape for hostname and port values. - CVE-2026-28421: fix heap-buffer-overflow and SEGV in swap file recovery by adding bounds checks on pepagecount,...

7.8CVSS5.8AI score0.01162EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/27 12:0 a.m.7 views

SUSE SLES12 Security Update : vim (SUSE-SU-2026:1051-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1051-1 advisory. Update Vim to version 9.2.0110: - CVE-2025-53906: malicious zip archive may cause a path traversal in Vim's zip bsc1246602. - CVE-2026-26269:...

7.8CVSS7.1AI score0.01162EPSS
Exploits1References25
SUSE Linux
SUSE Linux
added 2026/03/26 6:5 p.m.5 views

Security update for vim

This update for vim fixes the following issues: Update Vim to version 9.2.0110: CVE-2025-53906: malicious zip archive may cause a path traversal in Vim's zip bsc1246602. CVE-2026-26269: Netbeans specialKeys stack buffer overflow bsc1258229. CVE-2026-28417: crafted URL parsed by netrw plugin can...

5.4CVSS6.4AI score0.01162EPSS
Exploits1References12
OSV
OSV
added 2026/03/26 11:54 a.m.5 views

CLSA-2026-1774526052 Fix CVE(s): CVE-2026-28417, CVE-2026-28421

SECURITY UPDATE: Crash when recovering a corrupted swap file - debian/patches/CVE-2026-28421.patch: add bounds checks in swap file recovery to prevent heap-buffer-overflow and SEGV from crafted swap files - CVE-2026-28421 SECURITY UPDATE: Command injection via crafted netrw URIs -...

7.8CVSS5.8AI score0.01162EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/03/26 5:4 a.m.3 views

Security update for vim

This update for vim fixes the following issues: Update Vim to version 9.2.0110: CVE-2025-53906: malicious zip archive may cause a path traversal in Vim's zip bsc1246602. CVE-2026-26269: Netbeans specialKeys stack buffer overflow bsc1258229. CVE-2026-28417: crafted URL parsed by netrw plugin can...

5.4CVSS7.1AI score0.01162EPSS
Exploits1References12
OSV
OSV
added 2026/03/25 9:51 a.m.7 views

CLSA-2026-1774432284 vim: Fix of 2 CVEs

CVE-2026-28417: fix OS command injection in netrw plugin when handling specially crafted URLs such as scp:// - CVE-2026-28421: fix heap-buffer-overflow and crash when recovering from a maliciously crafted Vim swap file...

7.8CVSS7.1AI score0.01162EPSS
Exploits0References1
OSV
OSV
added 2026/03/24 9:58 a.m.6 views

CLSA-2026-1774346288 vim: Fix of 2 CVEs

CVE-2026-28417: fix OS command injection via shell metacharacters in netrw URI hostname and port - CVE-2026-28421: fix heap-buffer-overflow and SEGV in swap file recovery due to unvalidated pointer block fields...

7.8CVSS5.8AI score0.01162EPSS
Exploits0References1
OSV
OSV
added 2026/03/24 9:44 a.m.5 views

CLSA-2026-1774345469 vim: Fix of 2 CVEs

CVE-2026-28417: fix OS command injection via shell metacharacters in netrw URI hostname and port - CVE-2026-28421: fix heap-buffer-overflow and SEGV in swap file recovery due to unvalidated pointer block fields...

7.8CVSS7.1AI score0.01162EPSS
Exploits0References1
OSV
OSV
added 2026/03/24 9:32 a.m.5 views

CLSA-2026-1774344754 vim: Fix of 2 CVEs

CVE-2026-28417: fix OS command injection in netrw plugin via crafted scp:// URIs by adding strict RFC1123 hostname validation and using shellescape for hostname and port values. - CVE-2026-28421: fix heap-buffer-overflow and SEGV in swap file recovery by adding bounds checks on pepagecount,...

7.8CVSS7.1AI score0.01162EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.7 views

CentOS 9 : vim-8.2.2637-26.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the vim-8.2.2637-26.el9 build changelog. - Denial of service and information disclosure via crafted swap file CVE-2026-28421 - Arbitrary code execution via OS command injection in...

7.8CVSS6.4AI score0.01162EPSS
Exploits0References3
Rows per page
Query Builder