Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.3 views

Vim < 9.2.0075 Heap-based Buffer Underflow (GHSA-xcc8-r6c5-hvwv)

The version of Vim installed on the remote host is prior to 9.2.0075. It is, therefore, affected by a vulnerability as referenced in the GHSA-xcc8-r6c5-hvwv advisory. - Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's...

6.6CVSS6.2AI score0.00168EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/03/03 12:24 a.m.4 views

SUSE CVE-2026-28419

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...

5.3CVSS5.9AI score0.00168EPSS
Exploits0References3
NVD
NVD
added 2026/02/27 10:16 p.m.12 views

CVE-2026-28419

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...

6.6CVSS0.00168EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/27 10:16 p.m.2 views

CVE-2026-28419

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...

6.6CVSS6AI score0.00168EPSS
Exploits0References6
OSV
OSV
added 2026/02/27 10:16 p.m.6 views

UBUNTU-CVE-2026-28419

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...

6.6CVSS6.2AI score0.00168EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/02/27 10:2 p.m.6 views

CVE-2026-28419

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...

6.6CVSS5.8AI score0.00168EPSS
Exploits0
OSV
OSV
added 2026/02/27 10:2 p.m.7 views

CVE-2026-28419 Vim has Heap-based Buffer Underflow in Emacs tags parsing

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...

5.3CVSS6AI score0.00168EPSS
Exploits0References6
CVE
CVE
added 2026/02/27 10:2 p.m.68 views

CVE-2026-28419

Vim prior to 9.2.0075 contains a heap-based buffer underflow in Emacs-style tags file parsing. When processing a malformed tags file with a delimiter at the start of a line, Vim may read memory before the allocated buffer. The issue affects Vim versions before 9.2.0075; version 9.2.0075 fixes the...

6.6CVSS6AI score0.00168EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.5 views

PT-2026-22418

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0075 Description Vim, an open source command line text editor, contains a heap-based buffer underflow issue in its Emacs-style tags file parsing logic. When processing a malformed tags file containing a delimiter at t...

7.8CVSS6AI score0.01162EPSS
Exploits0References72
OSV
OSV
added 2024/02/23 3:15 p.m.3 views

UBUNTU-CVE-2024-25629

c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files has an embedded...

5.5CVSS6.8AI score0.00349EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/02/23 12:0 a.m.8 views

PT-2024-1920 · C-Ares +9 · C-Ares +9

Name of the Vulnerable Software and Affected Versions: c-ares versions prior to 1.27.0 Description: The issue is related to the ares read line function in the c-ares library, which is used for asynchronous DNS requests. This function parses local configuration files such as /etc/resolv.conf,...

8.2CVSS6.7AI score0.87211EPSS
Exploits2References122
CNNVD
CNNVD
added 2024/02/23 12:0 a.m.3 views

c-ares security breach

c-ares is a C library for asynchronous DNS requests from the individual developer of c-ares. A security vulnerability exists in c-ares, which stems from the fact that if a configuration file has a "NULL" character embedded as the first character in a new line, it may result in an attempt to read...

5.5CVSS7AI score0.00349EPSS
Exploits0References4
OSV
OSV
added 2022/05/23 6:3 p.m.7 views

CLSA-2022-1653329020 Fix CVE(s): CVE-2022-1629, CVE-2022-1616, CVE-2022-1620, CVE-2022-1621, CVE-2022-1619

SECURITY UPDATE: Going before the start of the command line - debian/patches/CVE-2022-1619.patch: Check already being at the start of the command line - CVE-2022-1619 SECURITY UPDATE: NULL pointer access when using invalid pattern - debian/patches/CVE-2022-1620.patch: Check for failed regexp...

7.8CVSS7.3AI score0.02645EPSS
Exploits5References1
Rows per page
Query Builder