Lucene search
K

28 matches found

Vulnrichment
Vulnrichment
added 2025/03/03 4:30 p.m.10 views

CVE-2025-27423 Improper Input Validation in Vim

Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of compressed or uncompressed tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor position, however the i...

7.1CVSS7.3AI score0.20775EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2025/03/03 4:30 p.m.18 views

CVE-2025-27423

Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of compressed or uncompressed tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor position, however the i...

7.1CVSS7.6AI score0.20775EPSS
Exploits0References4
CVE
CVE
added 2025/03/03 4:30 p.m.108 views

CVE-2025-27423

CVE-2025-27423 affects Vim (tar.vim plugin). Starting with Vim 9.1.0858, tar.vim uses the :read ex command to append below the cursor; input is not sanitized and is taken literally from the tar archive, allowing shell command execution via specially crafted archives (exploitation depends on the s...

7.1CVSS7.5AI score0.20775EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/03/03 4:30 p.m.24 views

CVE-2025-27423 Improper Input Validation in Vim

Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of compressed or uncompressed tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor position, however the i...

7.1CVSS5.6AI score0.20775EPSS
Exploits0References6
FreeBSD
FreeBSD
added 2025/03/03 12:0 a.m.11 views

vim -- Improper Input Validation in Vim

[email protected] reports: Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of compressed or uncompressed tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor position, however the is not...

7.1CVSS7.4AI score0.20775EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2025/03/02 12:0 a.m.8 views

vim -- Potential code execution

vim reports: Summary Potential code execution with tar.vim and special crafted tar files Description Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of compressed or uncompressed tar files. Since commit 129a844 Nov 11, 2024 runtimetar: Update tar.vim to support...

7.9AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/03/02 12:0 a.m.6 views

PT-2025-9524 · Vim +3 · Vim +3

Name of the Vulnerable Software and Affected Versions: Vim versions 9.1.0858 through 9.1.1163 Description: Vim is an open source, command line text editor that is distributed with the tar.vim plugin. This plugin allows easy editing and viewing of compressed or uncompressed tar files. However,...

7.1CVSS5AI score0.20775EPSS
Exploits0References52
Tenable Nessus
Tenable Nessus
added 2008/11/25 12:0 a.m.39 views

RHEL 5 : vim (RHSA-2008:0580)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2008:0580 advisory. - vim format string flaw CVE-2007-2953 - vim: command execution via scripts not sanitizing inputs to execute and system CVE-2008-2712 - Vim...

9.3CVSS7.4AI score0.15044EPSS
Exploits6References15
Rows per page
Query Builder