Lucene search
K

40 matches found

OSV
OSV
added 2025/08/01 1:3 p.m.2 views

OESA-2025-1943 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

4.1CVSS7.5AI score0.00731EPSS
Exploits2References3
SUSE CVE
SUSE CVE
added 2025/07/16 11:21 p.m.5 views

SUSE CVE-2025-53905

Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim's tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...

4.1CVSS6.4AI score0.00242EPSS
Exploits1References14
NVD
NVD
added 2025/07/15 9:15 p.m.7 views

CVE-2025-53905

Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...

4.1CVSS0.00242EPSS
Exploits1References3
OSV
OSV
added 2025/07/15 9:15 p.m.7 views

AZL-65513 CVE-2025-53905 affecting package vim for versions less than 9.1.1552-1

Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...

4.1CVSS6.5AI score0.00242EPSS
Exploits1References1
OSV
OSV
added 2025/07/15 9:15 p.m.9 views

AZL-65330 CVE-2025-53905 affecting package vim for versions less than 9.1.1552-1

Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...

4.1CVSS7AI score0.00242EPSS
Exploits1References1
OSV
OSV
added 2025/07/15 9:15 p.m.2 views

DEBIAN-CVE-2025-53905

Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...

4.1CVSS6.4AI score0.00242EPSS
Exploits1References1
OSV
OSV
added 2025/07/15 9:15 p.m.3 views

UBUNTU-CVE-2025-53905

Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...

4.1CVSS6.8AI score0.00242EPSS
Exploits1References5
AlpineLinux
AlpineLinux
added 2025/07/15 8:48 p.m.2 views

CVE-2025-53905

Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...

4.1CVSS8AI score0.00242EPSS
Exploits1References3
OSV
OSV
added 2025/03/03 5:15 p.m.7 views

AZL-57746 CVE-2025-27423 affecting package vim for versions less than 9.1.1164-1

Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of compressed or uncompressed tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor position, however the i...

7.1CVSS6.3AI score0.20775EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/03 4:30 p.m.16 views

CVE-2025-27423 Improper Input Validation in Vim

Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of compressed or uncompressed tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor position, however the i...

7.1CVSS0.20775EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:7 a.m.6 views

SUSE CVE-2008-3074

The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" exclamation point shell metacharacter in 1 the filename of a tar archive and possibly 2 the filename of the first file in a tar archive, which is not properly...

9.3CVSS7.7AI score0.03841EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.31 views

Oracle Linux 5 : vim (ELSA-2008-0580)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-0580 advisory. - fixes CVE-2008-3074 tar plugin - fixes CVE-2008-3075 zip plugin - fixes CVE-2008-3076 netrw plugin - fixes CVE-2008-4101 keyword and tag lookup - fix...

9.3CVSS6.5AI score0.15044EPSS
Exploits7References7
OpenVAS
OpenVAS
added 2009/03/07 12:0 a.m.32 views

Debian Security Advisory DSA 1733-1 (vim)

The remote host is missing an update to vim announced via advisory DSA 1733-1. OpenVAS Vulnerability Test $Id: deb17331.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1733-1 vim Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

9.3CVSS0.6AI score0.15044EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2009/03/04 12:0 a.m.40 views

Debian DSA-1733-1 : vim - several vulnerabilities

Several vulnerabilities have been found in vim, an enhanced vi editor. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2712 Jan Minar discovered that vim did not properly sanitise inputs before invoking the execute or system functions inside vim...

9.3CVSS5.6AI score0.15044EPSS
Exploits5References13
OSV
OSV
added 2009/02/21 10:30 p.m.1 views

DEBIAN-CVE-2008-3074

The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" exclamation point shell metacharacter in 1 the filename of a tar archive and possibly 2 the filename of the first file in a tar archive, which is not properly...

9.3CVSS7.7AI score0.03841EPSS
Exploits2References1
Prion
Prion
added 2009/02/21 10:30 p.m.28 views

Information disclosure

The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" exclamation point shell metacharacter in 1 the filename of a tar archive and possibly 2 the filename of the first file in a tar archive, which is not properly...

9.3CVSS7.4AI score0.15044EPSS
Exploits3References21Affected Software2
NVD
NVD
added 2009/02/21 10:30 p.m.21 views

CVE-2008-3074

The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" exclamation point shell metacharacter in 1 the filename of a tar archive and possibly 2 the filename of the first file in a tar archive, which is not properly...

9.3CVSS7.3AI score0.03841EPSS
Exploits2References21
RedHat Linux
RedHat Linux
added 2008/11/25 8:41 a.m.6 views

plugin: improper Implementation of shellescape() (arbitrary code execution)

The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" exclamation point shell metacharacter in 1 the filename of a tar archive and possibly 2 the filename of the first file in a tar archive, which is not properly...

9.3CVSS6AI score0.03841EPSS
Exploits2References4
Oracle linux
Oracle linux
added 2008/11/25 12:0 a.m.42 views

vim security update

7.0.109-4.4z - fix netrw 7.0.109-4.3z - fixes CVE-2008-3074 tar plugin - fixes CVE-2008-3075 zip plugin - fixes CVE-2008-3076 netrw plugin - fixes CVE-2008-4101 keyword and tag lookup 7.0.109-4.2z - fix some issues with netrw and remote file editing caused by the CVE-2008-2712 patch 7.0.109-4.1z ...

9.3CVSS1.5AI score0.15044EPSS
Exploits7
securityvulns
securityvulns
added 2008/08/08 12:0 a.m.76 views

Vim: Unfixed Vulnerabilities in Tar Plugin Version 20

Vim: Unfixed Vulnerabilities in Tar Plugin Version 20 1. SUMMARY Product : Vim -- Vi IMproved Version : Vim = 7.0 possibly older, present in 7.2c.002 autoload/tar.vim = 9 possibly older, present in version 20 Impact : Arbitrary code execution Wherefrom: Local, remote CVE : CVE-2008-2712 Original ...

9.3CVSS0.4AI score0.15044EPSS
Exploits0
Rows per page
Query Builder