Lucene search
K

77 matches found

RedhatCVE
RedhatCVE
added 2022/12/12 4:35 p.m.42 views

CVE-2022-3520

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...

9.8CVSS2.6AI score0.01002EPSS
Exploits1References4
OSV
OSV
added 2022/12/12 6:15 a.m.2 views

DEBIAN-CVE-2022-46908

SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE...

7.3CVSS6.5AI score0.00425EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/12/12 12:0 a.m.2 views

SQLite 安全漏洞

SQLite is a lightweight database that is an ACID compliant relational database management system. A security vulnerability exists in SQLite 3.40.0 and prior versions that stems from not properly implementing the azProhibitedFunctions protection mechanism when relying on --safe to execute untruste...

7.3CVSS6.5AI score0.00425EPSS
Exploits1References12
RedhatCVE
RedhatCVE
added 2022/12/07 2:31 p.m.40 views

CVE-2022-4293

A floating point exception flaw was found in Vim's numdivide function of the eval.c file. This issue occurs when dividing the largest negative number by -1. This could allow an attacker to trick a user into opening a specially crafted file, triggering an application to crash and leading to a deni...

5.5CVSS4.1AI score0.00463EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2022/12/07 2:1 p.m.31 views

CVE-2022-4292

A heap use-after-free flaw was found in Vim's didsetspelllang function of the spell.c file. This issue occurs because vim uses freed memory after SpellFileMissing autocmd uses bwipe. This could allows an attacker to trick a user into opening a specially crafted file, triggering a heap...

7.8CVSS3AI score0.00655EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2022/12/05 9:31 a.m.40 views

CVE-2022-3491

A heap-based buffer overflow flaw was found in Vim's skipwhite function of the charset.c file. This issue occurs when reading data past the end of the line when compiling a function with errors. This could allows an attacker to trick a user into opening a specially crafted file, triggering an...

7.8CVSS7.8AI score0.00496EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2022/10/06 8:27 a.m.102 views

CVE-2022-3324

A stack-based buffer overflow vulnerability was found in Vim's winredrruler function of the src/drawscreen.c file. The issue occurs when using a negative array index with a negative width window. This flaw allows an attacker to trick a user into opening a specially crafted file, which triggers th...

7.8CVSS5.7AI score0.00501EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2022/09/13 11:13 a.m.20 views

CVE-2022-3134

A heap use-after-free vulnerability was found in vim's dotag function of the src/tag.c file. The issue triggers when the 'tagfunc' closes the window. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap use-after-free that causes an application to...

7.8CVSS4.5AI score0.00528EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2022/09/05 5:28 a.m.35 views

CVE-2022-3099

A use-after-free vulnerability was found in vim's docmdline function of the src/exdocmd.c file. The issue triggers when an invalid line number on :for is ignored. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering use-after-free that causes an applicati...

7.8CVSS5.2AI score0.00464EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2022/09/02 12:32 p.m.29 views

CVE-2022-2982

A heap use-after-free vulnerability was found in vim's qffillbuffer function of the src/quickfix.c file. The issue occurs because vim uses freed memory when recursively using 'quickfixtextfunc.' This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap...

7.8CVSS4.2AI score0.00787EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2022/08/19 4:8 p.m.34 views

CVE-2022-2845

Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...

2.8CVSS7.6AI score0.00501EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2022/08/09 1:37 p.m.72 views

CVE-2022-2598

A flaw was found in vim. The vulnerability occurs due to Illegal memory access and leads to a heap buffer overflow vulnerability. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. Mitigation Untrusted vim scripts with -s scriptin are not...

5.5CVSS5.4AI score0.00872EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2022/08/09 1:37 p.m.26 views

CVE-2022-2580

A flaw was found in vim. The vulnerability occurs due to illegal memory access and leads to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...

7.8CVSS5.6AI score0.00503EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2022/07/06 8:35 a.m.22 views

CVE-2022-2304

A stack-based buffer overflow vulnerability was found in Vim's spelldumpcompl function of the src/spell.c file. This issue occurs because the spell dump goes beyond the end of an array when crafted input is processed. This flaw allows an attacker to trick a user into opening a specially crafted...

7.8CVSS3.4AI score0.01408EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2022/07/05 8:6 a.m.44 views

CVE-2022-2289

Use After Free in GitHub repository vim/vim prior to 9.0. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...

4.4CVSS1.3AI score0.01264EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2022/07/05 8:6 a.m.33 views

CVE-2022-2288

Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...

5.3CVSS1.6AI score0.01346EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2022/07/05 7:36 a.m.42 views

CVE-2022-2285

Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...

7.8CVSS3AI score0.01343EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2022/06/29 1:5 p.m.36 views

CVE-2022-2207

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...

7.8CVSS2.6AI score0.01395EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2022/06/29 12:35 p.m.36 views

CVE-2022-2183

Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...

7.8CVSS1.5AI score0.0145EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2022/06/15 2:30 p.m.43 views

CVE-2022-2000

An out-of-bounds write vulnerability was found in Vim's appendcommand function of the src/exdocmd.c file. This issue occurs when an error for a command goes over the end of IObuff. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap buffer overflo...

7.8CVSS3.5AI score0.01527EPSS
Exploits1References3
Rows per page
Query Builder