12 matches found
CVE-2026-57451 Vim: Out-of-bounds Read in Text Property Count
Vim is an open source, command line text editor. Prior to 9.2.0670, gettextprops in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textpropT entries that follow. The only check is a floor that guarantees room for a single...
CVE-2026-57451
Vim CVE-2026-57451 affects Vim up to version 9.2.0670. The issue in get_text_props() (src/textprop.c) reads a uint16 property count inline after a line’s text and treats it as the number of 32-byte textprop_T entries that follow. The only boundary check is a floor for a single entry, and the coun...
CVE-2026-57451 Vim: Out-of-bounds Read in Text Property Count
Vim is an open source, command line text editor. Prior to 9.2.0670, gettextprops in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textpropT entries that follow. The only check is a floor that guarantees room for a single...
CVE-2026-57451
Vim is an open source, command line text editor. Prior to 9.2.0670, gettextprops in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textpropT entries that follow. The only check is a floor that guarantees room for a single...
CVE-2026-57454 Vim: Out-of-bounds Read with Text Properties
Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...
PT-2026-52476
Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0670 Description The get text props function in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textprop T entries that follow. Because the count ...
EUVD-2023-0944
Malicious code in bioql PyPI...
CVE-2023-26055
XWiki Commons are technical libraries common to several other top level XWiki projects. Starting in version 3.1-milestone-1, any user can edit their own profile and inject code, which is going to be executed with programming right. The same vulnerability can also be exploited in all other places...
CVE-2023-26055
XWiki Commons are technical libraries common to several other top level XWiki projects. Starting in version 3.1-milestone-1, any user can edit their own profile and inject code, which is going to be executed with programming right. The same vulnerability can also be exploited in all other places...
CVE-2023-26055
CVE-2023-26055 affects XWiki Commons. Starting with version 3.1-milestone-1, any user can edit their own profile and inject code that runs with programming privileges; the vulnerability also appears in other short text fields displayed in Apps Within Minutes. The issue has been patched in version...
CVE-2023-26055 XWiki Commons may allow privilege escalation to programming rights via user's first name
XWiki Commons are technical libraries common to several other top level XWiki projects. Starting in version 3.1-milestone-1, any user can edit their own profile and inject code, which is going to be executed with programming right. The same vulnerability can also be exploited in all other places...
Memory corruption
Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via a document containing crafted text in...