Lucene search
+L

8 matches found

nessus
nessus
added 2026/07/02 12:0 a.m.4 views

Vim 9.2.0320 < 9.2.0679 Out-of-Bounds Read (GHSA-ww8h-47xp-hp4w)

The version of Vim installed on the remote host is between 9.2.0320 and 9.2.0679 exclusive. It is, therefore, affected by a vulnerability. - A crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays...

6.8CVSS5.9AI score0.00119EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/07/01 9:48 a.m.10 views

CVE-2026-57451

A flaw in Vim allows an attacker to cause a Denial of Service DoS via an application crash. If a user opens a maliciously crafted undo file, an out-of-bounds read is triggered in the gettextprops function due to missing length validation on property counts. Mitigation Users are advised to avoid...

6.1CVSS5.8AI score0.00113EPSS
Exploits0References6
cve
cve
added 2026/06/25 3:24 p.m.21 views

CVE-2026-57454

Vim vulnerability CVE-2026-57454 affects 9.2.0320–9.2.0679. A crafted undo or swap file can store a virtual-text property with offset/length outside the line’s property data. On restore/display, Vim converts the offset to a pointer and reads the virtual text without bounds checking, causing an ou...

6.8CVSS5.8AI score0.00119EPSS
Exploits0References3Affected Software1
nessus
nessus
added 2018/06/28 12:0 a.m.29 views

EulerOS 2.0 SP3 : vim (EulerOS-SA-2018-1171)

According to the version of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow flaw was found in the way vim handled undo files. This bug could result in vim crashing when trying to process corrupted undo...

9.8CVSS8.2AI score0.0274EPSS
Exploits0References2
mageia
mageia
added 2017/08/17 8:2 a.m.61 views

Updated vim packages fix security vulnerabilities

Florian Larysch and Bram Moolenaar discovered that vim, an enhanced vi editor, does not properly validate values for the "filetype", "syntax" and "keymap" options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened CVE-2016-1248. A...

9.8CVSS1.5AI score0.25314EPSS
Exploits2References4
osv
osv
added 2017/08/17 8:2 a.m.6 views

MGASA-2017-0275 Updated vim packages fix security vulnerabilities

Florian Larysch and Bram Moolenaar discovered that vim, an enhanced vi editor, does not properly validate values for the "filetype", "syntax" and "keymap" options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened CVE-2016-1248. A...

9.8CVSS9AI score0.25314EPSS
Exploits2References5
amazon
amazon
added 2017/03/29 12:0 a.m.49 views

Low: vim

Issue Overview: An integer overflow flaw was found in the way vim handled tree length values when reading an undo file. This bug could result in vim crashing when trying to process corrupted undo files. CVE-2017-6350 An integer overflow flaw was found in the way vim handled undo files. This bug...

9.8CVSS7.9AI score0.03389EPSS
Exploits0
alpinelinux
alpinelinux
added 2017/02/27 7:25 a.m.64 views

CVE-2017-6349

An integer overflow at a ureadundo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows...

9.8CVSS8.9AI score0.0274EPSS
Exploits0
Rows per page
Query Builder