Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 6 days ago9 views

CVE-2026-55693

Vim is an open source, command line text editor. Prior to 9.2.0653, the treecountwords function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iteratively with a depth counter. The counter is bounded only by the trie structure itself; it is never checked...

8.4CVSS6.1AI score0.00126EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.6 views

Vim < 9.2.0662 Stack Out-of-Bounds Write (GHSA-qm9w-fmpj-879h)

The version of Vim installed on the remote host is prior to 9.2.0662. It is, therefore, affected by a vulnerability. - The dumpprefixes function in src/spell.c walks a spell-file prefix trie iteratively with a depth counter while dumping the prefixes that apply to a word. The counter is bounded...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 4:16 p.m.9 views

CVE-2026-55693

Vim is an open source, command line text editor. Prior to 9.2.0653, the treecountwords function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iteratively with a depth counter. The counter is bounded only by the trie structure itself; it is never checked...

8.4CVSS0.00126EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/25 3:34 p.m.5 views

CVE-2026-55693

Vim is an open source, command line text editor. Prior to 9.2.0653, the treecountwords function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iteratively with a depth counter. The counter is bounded only by the trie structure itself; it is never checked...

8.4CVSS5.8AI score0.00126EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/06/25 3:34 p.m.52 views

CVE-2026-55693 Vim: Out-of-bounds Write in Spell File Word Count

Vim is an open source, command line text editor. Prior to 9.2.0653, the treecountwords function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iteratively with a depth counter. The counter is bounded only by the trie structure itself; it is never checked...

8.4CVSS0.00126EPSS
Exploits0References3
OSV
OSV
added 2026/05/08 11:16 p.m.9 views

DEBIAN-CVE-2026-45130

Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in readcompound in src/spellfile.c when loading a crafted spell file .spl with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-b...

5.5CVSS5.9AI score0.00248EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2026/05/08 11:16 p.m.10 views

CVE-2026-45130

Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in readcompound in src/spellfile.c when loading a crafted spell file .spl with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-b...

6.6CVSS5.9AI score0.00248EPSS
Exploits1References5
CVE
CVE
added 2026/05/08 10:42 p.m.38 views

CVE-2026-45130

Vim: Heap buffer overflow in read_compound() (src/spellfile.c) prior to 9.2.0450 when loading a crafted, UTF-8 spell file (.spl). An attacker-controlled length in the spell file’s compound section overflows a 32-bit signed multiplication, causing a small heap buffer to be allocated for a write lo...

6.6CVSS5.9AI score0.00248EPSS
Exploits1References4Affected Software2
EUVD
EUVD
added 2026/05/08 10:42 p.m.10 views

EUVD-2026-28871

Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in readcompound in src/spellfile.c when loading a crafted spell file .spl with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-b...

6.6CVSS5.9AI score0.00248EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2026/05/08 10:42 p.m.11 views

CVE-2026-45130

Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in readcompound in src/spellfile.c when loading a crafted spell file .spl with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-b...

6.6CVSS5.9AI score0.00248EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:49 a.m.5 views

SUSE CVE-2017-5953

vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow...

8.4CVSS7.5AI score0.02834EPSS
Exploits0References9
OSV
OSV
added 2017/02/10 12:0 a.m.5 views

UBUNTU-CVE-2017-5953

vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow...

9.8CVSS7.1AI score0.02834EPSS
Exploits0References5
Rows per page
Query Builder