40 matches found
OESA-2025-1943 vim security update
Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...
SUSE CVE-2025-53905
Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim's tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...
CVE-2025-53905
Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...
AZL-65513 CVE-2025-53905 affecting package vim for versions less than 9.1.1552-1
Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...
AZL-65330 CVE-2025-53905 affecting package vim for versions less than 9.1.1552-1
Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...
DEBIAN-CVE-2025-53905
Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...
UBUNTU-CVE-2025-53905
Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...
CVE-2025-53905
Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...
AZL-57746 CVE-2025-27423 affecting package vim for versions less than 9.1.1164-1
Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of compressed or uncompressed tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor position, however the i...
CVE-2025-27423 Improper Input Validation in Vim
Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of compressed or uncompressed tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor position, however the i...
SUSE CVE-2008-3074
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" exclamation point shell metacharacter in 1 the filename of a tar archive and possibly 2 the filename of the first file in a tar archive, which is not properly...
Oracle Linux 5 : vim (ELSA-2008-0580)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-0580 advisory. - fixes CVE-2008-3074 tar plugin - fixes CVE-2008-3075 zip plugin - fixes CVE-2008-3076 netrw plugin - fixes CVE-2008-4101 keyword and tag lookup - fix...
Debian Security Advisory DSA 1733-1 (vim)
The remote host is missing an update to vim announced via advisory DSA 1733-1. OpenVAS Vulnerability Test $Id: deb17331.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1733-1 vim Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Debian DSA-1733-1 : vim - several vulnerabilities
Several vulnerabilities have been found in vim, an enhanced vi editor. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2712 Jan Minar discovered that vim did not properly sanitise inputs before invoking the execute or system functions inside vim...
DEBIAN-CVE-2008-3074
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" exclamation point shell metacharacter in 1 the filename of a tar archive and possibly 2 the filename of the first file in a tar archive, which is not properly...
Information disclosure
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" exclamation point shell metacharacter in 1 the filename of a tar archive and possibly 2 the filename of the first file in a tar archive, which is not properly...
CVE-2008-3074
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" exclamation point shell metacharacter in 1 the filename of a tar archive and possibly 2 the filename of the first file in a tar archive, which is not properly...
plugin: improper Implementation of shellescape() (arbitrary code execution)
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" exclamation point shell metacharacter in 1 the filename of a tar archive and possibly 2 the filename of the first file in a tar archive, which is not properly...
vim security update
7.0.109-4.4z - fix netrw 7.0.109-4.3z - fixes CVE-2008-3074 tar plugin - fixes CVE-2008-3075 zip plugin - fixes CVE-2008-3076 netrw plugin - fixes CVE-2008-4101 keyword and tag lookup 7.0.109-4.2z - fix some issues with netrw and remote file editing caused by the CVE-2008-2712 patch 7.0.109-4.1z ...
Vim: Unfixed Vulnerabilities in Tar Plugin Version 20
Vim: Unfixed Vulnerabilities in Tar Plugin Version 20 1. SUMMARY Product : Vim -- Vi IMproved Version : Vim = 7.0 possibly older, present in 7.2c.002 autoload/tar.vim = 9 possibly older, present in version 20 Impact : Arbitrary code execution Wherefrom: Local, remote CVE : CVE-2008-2712 Original ...