17 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-46246
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file src/alloc.c at lin...
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2024-1708)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.0 : vim (EulerOS-SA-2024-1708)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. CVE-2023-2609 - Vim is an improved version of the good old...
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2024-1393)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for vim (SUSE-SU-2023:4587-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : vim (EulerOS-SA-2024-1075)
According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file...
Fedora 38 : vim (2023-ca6c3651fe)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ca6c3651fe advisory. The newest upstream commit Security fixes for CVE-2023-48706, CVE-2023-46246 Tenable has extracted the preceding description block directly from the...
Fedora 39 : vim (2023-3fbd936b15)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3fbd936b15 advisory. The newest upstream commit Security fixes for CVE-2023-48706, CVE-2023-46246 Tenable has extracted the preceding description block directly from the...
Ubuntu: Security Advisory (USN-6557-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : vim (ALAS-2023-1893)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1893 advisory. Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file src/alloc.c at line 748, which is freed in the file...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : vim (SUSE-SU-2023:4587-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4587-1 advisory. - CVE-2023-5344: Heap-based Buffer Overflow in vim prior to 9.0.1969 bsc1215940 - CVE-2023-5441:...
SUSE: Security Advisory (SUSE-SU-2023:4587-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:4560-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2 : vim (ALAS-2023-2338)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2338 advisory. Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file src/alloc.c at line 748, which is freed in the file...
Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2023-431)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-431 advisory. Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file src/alloc.c at line 748, which is freed in the file...
CVE-2023-46246
Vim (vim/vim) is affected by CVE-2023-46246 due to a heap-use-after-free in ga_grow_inner (src/alloc.c) which is freed in do_cmdline (src/ex_docmd.c) and may be reused when using the :history argument, potentially overflowed. The vulnerability has been patched in version 9.0.2068; multiple adviso...
CVE-2023-46246 Integer Overflow in :history command in Vim
Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file src/alloc.c at line 748, which is freed in the file src/exdocmd.c in the function docmdline at line 1010 and then used again in src/cmdhist.c at line 759...