CLSA-2025-1761845210 Fix CVE(s): CVE-2022-1733, CVE-2022-1796, CVE-2022-1886, CVE-2022-3016

SECURITY UPDATE: Heap-based Buffer Overflow - debian/patches/CVE-2022-1733.patch: Check for NUL to prevent reading past end of the line when C-indenting - CVE-2022-1733 SECURITY UPDATE: Use After Free - debian/patches/CVE-2022-1796.patch: Fix accessing freed memory when line is flushed by making ...

EUVD-2019-10635

Malware in sbrugna...

EUVD-2022-43062

Malicious code in bioql PyPI...

SUSE CVE-2022-3705

A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qfupdatebuffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to...

EulerOS 2.0 SP10 : vim (EulerOS-SA-2023-1403)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qfupdatebuffer of the file quickfix.c of the...

EulerOS 2.0 SP10 : vim (EulerOS-SA-2023-1375)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qfupdatebuffer of the file quickfix.c of the...

EulerOS 2.0 SP8 : vim (EulerOS-SA-2023-1342)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. CVE-2022-1725 - Heap-based Buffer Overflow in GitHub repository vim/vim...

Amazon Linux AMI : vim (ALAS-2023-1663)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1663 advisory. - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765. CVE-2022-3520 - Use After Free in GitHub repository vim/vim prior to 9.0.0789. CVE-2022-3591 - A vulnerability was foun...

EulerOS 2.0 SP11 : vim (EulerOS-SA-2023-1025)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. CVE-2022-3234 - Use After Free in GitHub repository vim/vim prior to...

EulerOS 2.0 SP9 : vim (EulerOS-SA-2023-1116)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577. CVE-2022-3296 - Use After Free in GitHub repository vim/vim prior to...

Fedora 36 : vim (2022-06e4f1dd58)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-06e4f1dd58 advisory. Security fix for CVE-2022-3705 2139842 - vim upgrade broke :! for displaying terminal output Tenable has extracted the preceding description block...

USN-5775-1: Vim vulnerabilities

It was discovered that Vim uses freed memory in recurisve substitution of specially crafted patterns. An attacker could possbly use this to crash Vim and cause denial of service. CVE-2022-2345 It was discovered that Vim makes illegal memory calls when patterns start with an illegal byte. An...

USN-5775-1 vim vulnerabilities

It was discovered that Vim uses freed memory in recurisve substitution of specially crafted patterns. An attacker could possbly use this to crash Vim and cause denial of service. CVE-2022-2345 It was discovered that Vim makes illegal memory calls when patterns start with an illegal byte. An...

Amazon Linux 2022 : vim (ALAS2022-2022-251)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-251 advisory. - A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qfupdatebuffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to...

Amazon Linux 2 : vim (ALAS-2022-1902)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1902 advisory. 2024-02-01: CVE-2022-3591 was added to this advisory. 2024-02-01: CVE-2022-3520 was added to this advisory. Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765. CVE-2022-352...

Important: vim

Issue Overview: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765. CVE-2022-3520 Use After Free in GitHub repository vim/vim prior to 9.0.0789. CVE-2022-3591 A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qfupdatebuff...

Slackware Linux 15.0 / current vim Vulnerability (SSA:2022-304-01)

The version of vim installed on the remote host is prior to 9.0.0814. It is, therefore, affected by a vulnerability as referenced in the SSA:2022-304-01 advisory. - A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qfupdatebuffer of the file...

ROS-20221103-01

Vim text editor vulnerability is related to memory release error in qfupdatebuffer function in the quickfix.c file of the autocmd Handler component. Exploitation of the vulnerability could allow an attacker, acting remotely, trick the victim into opening a specially crafted file, causing a progra...

CVE-2022-3705

A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qfupdatebuffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to...

CVE-2022-3705

A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qfupdatebuffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to...