
27 matches found

RedhatCVE
added 4 hours ago, 3 views

CVE-2026-57454

A flaw was found in Vim, an open source command-line text editor. A local attacker could exploit this vulnerability by providing a specially crafted undo or swap file. When Vim processes this file, an out-of-bounds read occurs, which can lead to the disclosure of sensitive information from memory...

CVSS 6.8, AI score 5.7
Exploits: 0, References: 6

NVD
added yesterday, 3 views

CVE-2026-57454

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

CVSS 6.8
Exploits: 0, References: 3

AlpineLinux
added yesterday, 4 views

CVE-2026-57451

Vim is an open source, command line text editor. Prior to 9.2.0670, get_text_props in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textprop_T entries that follow. The only check is a floor that guarantees room for a single...

CVSS 6.1, AI score 5.9
Exploits: 0, References: 3

EUVD
added yesterday, 4 views

EUVD-2026-39449

Vim is an open source, command line text editor. Prior to 9.2.0670, get_text_props in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textprop_T entries that follow. The only check is a floor that guarantees room for a single...

CVSS 5.3, AI score 5.9
Exploits: 0, References: 3

CVE
added yesterday, 8 views

CVE-2026-57451

Vim CVE-2026-57451 affects Vim up to version 9.2.0670. The issue in get_text_props() (src/textprop.c) reads a uint16 property count inline after a line’s text and treats it as the number of 32-byte textprop_T entries that follow. The only boundary check is a floor for a single entry, and the coun...

CVSS 6.1, AI score 5.9
Exploits: 0, References: 3, Affected Software: 1

AlpineLinux
added yesterday, 4 views

CVE-2026-57454

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

CVSS 6.8, AI score 5.8
Exploits: 0, References: 3

Cvelist
added yesterday, 33 views

CVE-2026-57454 Vim: Out-of-bounds Read with Text Properties

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

CVSS 6.8
Exploits: 0, References: 3

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2017-15411

Malware in sbrugna...

CVSS 9.8, AI score 6.9, EPSS 0.03389
Exploits: 0, References: 15

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2017-15410

Malware in sbrugna...

CVSS 9.8, AI score 9.2, EPSS 0.0274
Exploits: 0, References: 15

SUSE CVE
added 2023/02/15 4:49 a.m., 3 views

SUSE CVE-2017-6349

An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows...

CVSS 9.8, AI score 7.3, EPSS 0.0274
Exploits: 0, References: 6

Veracode
added 2020/12/06 3:58 a.m., 29 views

Integer Overflow

Neovim is vulnerable to integer overflow. The vulnerability existed because it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows...

CVSS 9.8, AI score 3.5, EPSS 0.0274
Exploits: 0, References: 10, Affected Software: 1

Veracode
added 2020/12/06 3:57 a.m., 25 views

Arbitrary Code Execution

Neovim is vulnerable to arbitrary code execution. An integer overflow during unserialize_uep memory allocation due to improper validation for tree length when reading a corrupted undo file allows an attacker to execute arbitrary code on the host OS via a buffer overflow...

CVSS 9.8, AI score 5.8, EPSS 0.03389
Exploits: 0, References: 10, Affected Software: 1

Tenable Nessus
added 2017/07/07 12:0 a.m., 36 views

openSUSE Security Update : vim (openSUSE-2017-788)

This update for vim fixes the following issues : Security issues fixed : - CVE-2017-5953: Fixed a possible overflow with corrupted spell file bsc1024724 - CVE-2017-6350: Fixed a possible overflow when reading a corrupted undo file bsc1027053 - CVE-2017-6349: Fixed a possible overflow when reading...

CVSS 9.8, AI score 6.9, EPSS 0.03389
Exploits: 0, References: 7

OSV
added 2017/06/28 7:15 p.m., 9 views

SUSE-SU-2017:1712-1 Security update for vim

This update for vim fixes the following issues: Security issues fixed: - CVE-2017-5953: Fixed a possible overflow with corrupted spell file bsc1024724 - CVE-2017-6350: Fixed a possible overflow when reading a corrupted undo file bsc1027053 - CVE-2017-6349: Fixed a possible overflow when reading a...

CVSS 9.8, AI score 9.8, EPSS 0.03389
Exploits: 0, References: 8

RedhatCVE
added 2017/03/01 3:19 p.m., 28 views

CVE-2017-6350

An integer overflow flaw was found in the way vim handled tree length values when reading an undo file. This bug could result in vim crashing when trying to process corrupted undo files...

CVSS 9.8, AI score 1.8, EPSS 0.03389
Exploits: 0, References: 1

NVD
added 2017/02/27 7:59 a.m., 17 views

CVE-2017-6350

An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows...

CVSS 9.8, AI score 7.5, EPSS 0.03389
Exploits: 0, References: 7

OSV
added 2017/02/27 7:59 a.m., 1 views

DEBIAN-CVE-2017-6350

An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows...

CVSS 9.8, AI score 7.3, EPSS 0.03389
Exploits: 0, References: 1

OSV
added 2017/02/27 7:59 a.m., 3 views

ALPINE-CVE-2017-6349

An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows...

CVSS 9.8, AI score 7.3, EPSS 0.0274
Exploits: 0, References: 1

Prion
added 2017/02/27 7:59 a.m., 28 views

Integer overflow

An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows...

CVSS 7.5, AI score 9.4, EPSS 0.03389
Exploits: 0, References: 7, Affected Software: 1

OSV
added 2017/02/27 7:59 a.m., 8 views

UBUNTU-CVE-2017-6350

An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows...

CVSS 9.8, AI score 6.8, EPSS 0.03389
Exploits: 0, References: 5