Lucene search
+L

32 matches found

redhatcve
redhatcve
added 2026/06/26 5:20 p.m.11 views

CVE-2026-57454

A flaw was found in Vim, an open source command-line text editor. A local attacker could exploit this vulnerability by providing a specially crafted undo or swap file. When Vim processes this file, an out-of-bounds read occurs, which can lead to the disclosure of sensitive information from memory...

6.8CVSS5.7AI score0.00119EPSS
Exploits0References6
nvd
nvd
added 2026/06/25 4:16 p.m.10 views

CVE-2026-57454

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS0.00119EPSS
Exploits0References3
euvd
euvd
added 2026/06/25 3:28 p.m.7 views

EUVD-2026-39449

Vim is an open source, command line text editor. Prior to 9.2.0670, gettextprops in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textpropT entries that follow. The only check is a floor that guarantees room for a single...

5.3CVSS5.9AI score0.00113EPSS
Exploits0References3
cve
cve
added 2026/06/25 3:28 p.m.34 views

CVE-2026-57451

Vim CVE-2026-57451 affects Vim up to version 9.2.0670. The issue in get_text_props() (src/textprop.c) reads a uint16 property count inline after a line’s text and treats it as the number of 32-byte textprop_T entries that follow. The only boundary check is a floor for a single entry, and the coun...

6.1CVSS5.9AI score0.00113EPSS
Exploits0References3Affected Software1
alpinelinux
alpinelinux
added 2026/06/25 3:28 p.m.10 views

CVE-2026-57451

Vim is an open source, command line text editor. Prior to 9.2.0670, gettextprops in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textpropT entries that follow. The only check is a floor that guarantees room for a single...

6.1CVSS5.9AI score0.00113EPSS
Exploits0References3
osv
osv
added 2026/06/25 3:28 p.m.3 views

CVE-2026-57451 Vim: Out-of-bounds Read in Text Property Count

Vim is an open source, command line text editor. Prior to 9.2.0670, gettextprops in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textpropT entries that follow. The only check is a floor that guarantees room for a single...

5.3CVSS5.9AI score0.00113EPSS
Exploits0References5
alpinelinux
alpinelinux
added 2026/06/25 3:24 p.m.7 views

CVE-2026-57454

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS5.8AI score0.00119EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/06/25 3:24 p.m.6 views

CVE-2026-57454

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS5.8AI score0.00119EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2026/06/25 3:24 p.m.42 views

CVE-2026-57454 Vim: Out-of-bounds Read with Text Properties

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS0.00119EPSS
Exploits0References3
osv
osv
added 2026/06/25 3:24 p.m.6 views

CVE-2026-57454 Vim: Out-of-bounds Read with Text Properties

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS5.8AI score0.00119EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.12 views

PT-2026-52476

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0670 Description The get text props function in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textprop T entries that follow. Because the count ...

6.1CVSS5.8AI score0.00113EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.13 views

PT-2026-52479

Name of the Vulnerable Software and Affected Versions Vim versions 9.2.0320 through 9.2.0678 Description A flaw exists where a crafted undo or swap file can store a virtual-text property with an offset and length that point outside the line's property data. When the software restores or displays...

6.8CVSS5.8AI score0.00119EPSS
Exploits0References5
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-15411

Malware in sbrugna...

9.8CVSS6.9AI score0.03389EPSS
Exploits0References15
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-15410

Malware in sbrugna...

9.8CVSS9.2AI score0.0274EPSS
Exploits0References15
susecve
susecve
added 2023/02/15 4:49 a.m.5 views

SUSE CVE-2017-6349

An integer overflow at a ureadundo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows...

9.8CVSS7.3AI score0.0274EPSS
Exploits0References6
veracode
veracode
added 2020/12/06 3:58 a.m.31 views

Integer Overflow

Neovim is vulnerable to integer overflow. The vulnerability existed because it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows...

9.8CVSS3.5AI score0.0274EPSS
Exploits0References10Affected Software1
veracode
veracode
added 2020/12/06 3:57 a.m.26 views

Arbitrary Code Execution

neovim is vulnerable to arbitrary code execution. An integer overflow during unserializeuep memory allocation due to improper validation for for tree length when reading a corrupted undo file allows an attacker to execute arbitrary code on the host OS via a buffer overflow...

9.8CVSS5.8AI score0.03389EPSS
Exploits0References10Affected Software1
nessus
nessus
added 2017/07/07 12:0 a.m.37 views

openSUSE Security Update : vim (openSUSE-2017-788)

This update for vim fixes the following issues : Security issues fixed : - CVE-2017-5953: Fixed a possible overflow with corrupted spell file bsc1024724 - CVE-2017-6350: Fixed a possible overflow when reading a corrupted undo file bsc1027053 - CVE-2017-6349: Fixed a possible overflow when reading...

9.8CVSS6.9AI score0.03389EPSS
Exploits0References7
osv
osv
added 2017/06/28 7:15 p.m.11 views

SUSE-SU-2017:1712-1 Security update for vim

This update for vim fixes the following issues: Security issues fixed: - CVE-2017-5953: Fixed a possible overflow with corrupted spell file bsc1024724 - CVE-2017-6350: Fixed a possible overflow when reading a corrupted undo file bsc1027053 - CVE-2017-6349: Fixed a possible overflow when reading a...

9.8CVSS9.8AI score0.03389EPSS
Exploits0References8
redhatcve
redhatcve
added 2017/03/01 3:19 p.m.30 views

CVE-2017-6350

An integer overflow flaw was found in the way vim handled tree length values when reading an undo file. This bug could result in vim crashing when trying to process corrupted undo files...

9.8CVSS1.8AI score0.03389EPSS
Exploits0References1
Rows per page
Query Builder