13 matches found
Vim < 9.2.0075 Heap-based Buffer Underflow (GHSA-xcc8-r6c5-hvwv)
The version of Vim installed on the remote host is prior to 9.2.0075. It is, therefore, affected by a vulnerability as referenced in the GHSA-xcc8-r6c5-hvwv advisory. - Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's...
SUSE CVE-2026-28419
Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...
CVE-2026-28419
Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...
CVE-2026-28419
Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...
UBUNTU-CVE-2026-28419
Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...
CVE-2026-28419
Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...
CVE-2026-28419 Vim has Heap-based Buffer Underflow in Emacs tags parsing
Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...
CVE-2026-28419
Vim prior to 9.2.0075 contains a heap-based buffer underflow in Emacs-style tags file parsing. When processing a malformed tags file with a delimiter at the start of a line, Vim may read memory before the allocated buffer. The issue affects Vim versions before 9.2.0075; version 9.2.0075 fixes the...
PT-2026-22418
Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0075 Description Vim, an open source command line text editor, contains a heap-based buffer underflow issue in its Emacs-style tags file parsing logic. When processing a malformed tags file containing a delimiter at t...
UBUNTU-CVE-2024-25629
c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files has an embedded...
PT-2024-1920 · C-Ares +9 · C-Ares +9
Name of the Vulnerable Software and Affected Versions: c-ares versions prior to 1.27.0 Description: The issue is related to the ares read line function in the c-ares library, which is used for asynchronous DNS requests. This function parses local configuration files such as /etc/resolv.conf,...
c-ares security breach
c-ares is a C library for asynchronous DNS requests from the individual developer of c-ares. A security vulnerability exists in c-ares, which stems from the fact that if a configuration file has a "NULL" character embedded as the first character in a new line, it may result in an attempt to read...
CLSA-2022-1653329020 Fix CVE(s): CVE-2022-1629, CVE-2022-1616, CVE-2022-1620, CVE-2022-1621, CVE-2022-1619
SECURITY UPDATE: Going before the start of the command line - debian/patches/CVE-2022-1619.patch: Check already being at the start of the command line - CVE-2022-1619 SECURITY UPDATE: NULL pointer access when using invalid pattern - debian/patches/CVE-2022-1620.patch: Check for failed regexp...