Lucene search
+L

144 matches found

nessus
nessus
added 2026/06/27 12:0 a.m.11 views

EulerOS 2.0 SP15 : vim (EulerOS-SA-2026-2513)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on...

8.2CVSS7.5AI score0.01162EPSS
Exploits0References10
nessus
nessus
added 2026/06/27 12:0 a.m.10 views

EulerOS 2.0 SP15 : vim (EulerOS-SA-2026-2472)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on...

8.2CVSS7.5AI score0.01162EPSS
Exploits0References10
redhatcve
redhatcve
added 2026/06/26 5:20 p.m.11 views

CVE-2026-57454

A flaw was found in Vim, an open source command-line text editor. A local attacker could exploit this vulnerability by providing a specially crafted undo or swap file. When Vim processes this file, an out-of-bounds read occurs, which can lead to the disclosure of sensitive information from memory...

6.8CVSS5.7AI score0.00119EPSS
Exploits0References6
nvd
nvd
added 2026/06/25 4:16 p.m.10 views

CVE-2026-57454

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS0.00119EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/06/25 3:24 p.m.5 views

CVE-2026-57454

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS5.8AI score0.00119EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2026/06/25 3:24 p.m.41 views

CVE-2026-57454 Vim: Out-of-bounds Read with Text Properties

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS0.00119EPSS
Exploits0References3
alpinelinux
alpinelinux
added 2026/06/25 3:24 p.m.7 views

CVE-2026-57454

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS5.8AI score0.00119EPSS
Exploits0References3
osv
osv
added 2026/06/25 3:24 p.m.5 views

CVE-2026-57454 Vim: Out-of-bounds Read with Text Properties

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS5.8AI score0.00119EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.13 views

PT-2026-52479

Name of the Vulnerable Software and Affected Versions Vim versions 9.2.0320 through 9.2.0678 Description A flaw exists where a crafted undo or swap file can store a virtual-text property with an offset and length that point outside the line's property data. When the software restores or displays...

6.8CVSS5.8AI score0.00119EPSS
Exploits0References5
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: f2fs: Fixed to avoid mapping the wrong physical block for the swapfile. Xiaolong Guo reported a bug related to f2fs in bugzilla 1. 1 https://bugzilla.kernel.org/showbug.cgi?id=220951 Quoted: “When using the stress-ng swap stress...

7.8CVSS5.5AI score0.0016EPSS
Exploits0References2
nessus
nessus
added 2026/06/23 12:0 a.m.4 views

Oracle Linux 9 : vim (ELSA-2026-19224)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-19224 advisory. - RHEL-159630 CVE-2026-33412 vim: Vim: Arbitrary code execution via command injection in glob function - RHEL-155438 CVE-2026-28417 vim: Vim: Arbitrary code...

8.2CVSS6.6AI score0.01162EPSS
Exploits1References2
nessus
nessus
added 2026/06/06 12:0 a.m.15 views

EulerOS Virtualization 2.12.1 : vim (EulerOS-SA-2026-2091)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style...

7.8CVSS7.3AI score0.01162EPSS
Exploits1References6
ibm
ibm
added 2026/05/25 1:53 p.m.26 views

Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary Multiple components with known vulnerabilities were addressed in IBM QRadar SIEM 7.5.0 UP15 IF03 Vulnerability Details CVEID:CVE-2026-28417 DESCRIPTION: Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the netrw...

9.8CVSS7.4AI score0.01545EPSS
Exploits0Affected Software1
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: condresched was added to getswappages. A softlockup still occurs in getswappages under memory pressure. With 64 CPU cores, 64GB of memory, and 28 zram devices, the size of each zram device is 50MB, and they all have...

5.5CVSS5.9AI score0.00192EPSS
Exploits0References2
nessus
nessus
added 2026/05/04 12:0 a.m.8 views

Oracle Linux 10 : vim (ELSA-2026-11389)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-11389 advisory. - RHEL-159615 CVE-2026-33412 vim: Vim: Arbitrary code execution via command injection in glob function - RHEL-155409 CVE-2026-28421 vim: Vim: Denial of servic...

8.2CVSS6.4AI score0.01162EPSS
Exploits0References2
nessus
nessus
added 2026/05/04 12:0 a.m.8 views

Oracle Linux 9 : vim (ELSA-2026-11510)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-11510 advisory. - RHEL-155437 CVE-2026-28417 vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin - RHEL-155422 CVE-2026-28421 vim: Vim: Denial of...

8.2CVSS6.4AI score0.01162EPSS
Exploits0References2
oraclelinux
oraclelinux
added 2026/04/29 12:0 a.m.17 views

vim security update

8.2.2637-23.0.1.el97.3 - Remove upstream references Orabug: 31197557 2:8.2.2637-23.3 - Resolves: RHEL-164965 vim: arbitrary command execution via modeline sandbox bypass 2:8.2.2637-23.2 - RHEL-155437 CVE-2026-28417 vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin -...

8.2CVSS6.6AI score0.01162EPSS
Exploits1
nessus
nessus
added 2026/04/29 12:0 a.m.7 views

TencentOS Server 2: vim (TSSA-2026:0257)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0257 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

7.8CVSS6.5AI score0.01162EPSS
Exploits1References5
oraclelinux
oraclelinux
added 2026/04/28 12:0 a.m.12 views

vim security update

9.1.083-6.0.1.el101.4 - Remove upstream references Orabug: 31197557 2:9.1.083-6.4 - Resolves: RHEL-164951 vim: arbitrary command execution via modeline sandbox bypass 2:9.1.083-6.3 - RHEL-159615 CVE-2026-33412 vim: Vim: Arbitrary code execution via command injection in glob function 2:9.1.083-6.2...

8.2CVSS6.6AI score0.01162EPSS
Exploits1
nessus
nessus
added 2026/04/17 12:0 a.m.8 views

MiracleLinux 9 : vim-8.2.2637-23.el9_7.2.ML.1 (AXSA:2026-447:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-447:08 advisory. vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28417 vim: Vim: Denial of service and information disclosure...

7.8CVSS6.3AI score0.01162EPSS
Exploits0References4
Rows per page
Query Builder