Lucene search
K

83 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.3 views

Vim 9.1.1784 < 9.2.0678 Command Injection (GHSA-x5fg-h5w9-9frf)

The version of Vim installed on the remote host is between 9.1.1784 and 9.2.0678 exclusive. It is, therefore, affected by a vulnerability. - When the bundled zip plugin autoload/zip.vim falls back to PowerShell to browse, read, extract, update or delete entries in a zip archive, it builds the...

7.3CVSS6.3AI score0.00137EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/01 7:58 p.m.8 views

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

8.2CVSS7.2AI score0.00552EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/01 7:34 p.m.6 views

vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass

A flaw was found in Vim's zip.vim plugin. A local user could be tricked into opening a specially crafted zip archive, which would allow a path traversal bypass. This vulnerability enables an attacker to overwrite arbitrary files on the system, potentially leading to data integrity issues or furth...

7.1CVSS5.9AI score0.00126EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/01 7:34 p.m.14 views

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

8.2CVSS7.9AI score0.00552EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/30 10:38 a.m.10 views

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

8.2CVSS6.4AI score0.00552EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-57453

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. From 9.1.1784 until 9.2.0678, when the bundled zip plugin autoload/zip.vim falls back to PowerShell to browse,...

7.3CVSS6.2AI score0.00137EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/29 7:52 a.m.5 views

vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass

A flaw was found in Vim's zip.vim plugin. A local user could be tricked into opening a specially crafted zip archive, which would allow a path traversal bypass. This vulnerability enables an attacker to overwrite arbitrary files on the system, potentially leading to data integrity issues or furth...

7.1CVSS5.9AI score0.00126EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.9 views

EulerOS 2.0 SP15 : vim (EulerOS-SA-2026-2472)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on...

8.2CVSS7.5AI score0.01162EPSS
Exploits0References10
NVD
NVD
added 2026/06/25 4:16 p.m.6 views

CVE-2026-57453

Vim is an open source, command line text editor. From 9.1.1784 until 9.2.0678, when the bundled zip plugin autoload/zip.vim falls back to PowerShell to browse, read, extract, update or delete entries in a zip archive, it builds the PowerShell command by inserting archive entry names that are quot...

7.3CVSS0.00137EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 3:26 p.m.25 views

CVE-2026-57453

CVE-2026-57453 affects Vim (9.1.1784–9.2.0678) where the bundled zip.vim plugin falls back to PowerShell to handle zip archives. The PowerShell command is built by inserting archive entry names quoted for the shell but not for PowerShell, allowing a crafted entry name to escape the intended strin...

7.3CVSS6.2AI score0.00137EPSS
Exploits0References3Affected Software1
AlpineLinux
AlpineLinux
added 2026/06/25 3:26 p.m.6 views

CVE-2026-57453

Vim is an open source, command line text editor. From 9.1.1784 until 9.2.0678, when the bundled zip plugin autoload/zip.vim falls back to PowerShell to browse, read, extract, update or delete entries in a zip archive, it builds the PowerShell command by inserting archive entry names that are quot...

7.3CVSS6.2AI score0.00137EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52478

Name of the Vulnerable Software and Affected Versions Vim versions 9.1.1784 through 9.2.0677 Description When the bundled zip plugin autoload/zip.vim uses PowerShell to browse, read, extract, update, or delete entries in a zip archive, it constructs the PowerShell command by quoting archive entry...

7.8CVSS6.1AI score0.00137EPSS
Exploits0References18
RedHat Linux
RedHat Linux
added 2026/06/23 6:43 a.m.4 views

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

8.2CVSS7AI score0.00552EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/23 6:43 a.m.6 views

vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass

A flaw was found in Vim's zip.vim plugin. A local user could be tricked into opening a specially crafted zip archive, which would allow a path traversal bypass. This vulnerability enables an attacker to overwrite arbitrary files on the system, potentially leading to data integrity issues or furth...

7.1CVSS6AI score0.00126EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.18 views

EulerOS Virtualization 2.13.1 : vim (EulerOS-SA-2026-2392)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob...

8.2CVSS7.8AI score0.01162EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.12 views

EulerOS 2.0 SP13 : vim (EulerOS-SA-2026-2318)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on...

8.2CVSS7.9AI score0.01162EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.14 views

MiracleLinux 8 : vim-8.0.1763-23.el8_10.ML.1 (AXSA:2026-765:13)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-765:13 advisory. vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 Tenable has extracted the preceding description block...

7.1CVSS5.6AI score0.00126EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.8 views

RHEL 10 : vim (RHSA-2026:22711)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:22711 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via...

7.1CVSS5.6AI score0.00126EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/03 7:43 a.m.14 views

Moderate: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Vim

Vim is an open-source, command-line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin could allow overwriting of arbitrary files when opening specially crafted zip archives. The impact is limited because this exploit requires direct user interaction. However,...

4.1CVSS6.6AI score0.00731EPSS
Exploits1References2
Rows per page
Query Builder