77 matches found
CVE-2022-3520
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...
DEBIAN-CVE-2022-46908
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE...
SQLite 安全漏洞
SQLite is a lightweight database that is an ACID compliant relational database management system. A security vulnerability exists in SQLite 3.40.0 and prior versions that stems from not properly implementing the azProhibitedFunctions protection mechanism when relying on --safe to execute untruste...
CVE-2022-4293
A floating point exception flaw was found in Vim's numdivide function of the eval.c file. This issue occurs when dividing the largest negative number by -1. This could allow an attacker to trick a user into opening a specially crafted file, triggering an application to crash and leading to a deni...
CVE-2022-4292
A heap use-after-free flaw was found in Vim's didsetspelllang function of the spell.c file. This issue occurs because vim uses freed memory after SpellFileMissing autocmd uses bwipe. This could allows an attacker to trick a user into opening a specially crafted file, triggering a heap...
CVE-2022-3491
A heap-based buffer overflow flaw was found in Vim's skipwhite function of the charset.c file. This issue occurs when reading data past the end of the line when compiling a function with errors. This could allows an attacker to trick a user into opening a specially crafted file, triggering an...
CVE-2022-3324
A stack-based buffer overflow vulnerability was found in Vim's winredrruler function of the src/drawscreen.c file. The issue occurs when using a negative array index with a negative width window. This flaw allows an attacker to trick a user into opening a specially crafted file, which triggers th...
CVE-2022-3134
A heap use-after-free vulnerability was found in vim's dotag function of the src/tag.c file. The issue triggers when the 'tagfunc' closes the window. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap use-after-free that causes an application to...
CVE-2022-3099
A use-after-free vulnerability was found in vim's docmdline function of the src/exdocmd.c file. The issue triggers when an invalid line number on :for is ignored. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering use-after-free that causes an applicati...
CVE-2022-2982
A heap use-after-free vulnerability was found in vim's qffillbuffer function of the src/quickfix.c file. The issue occurs because vim uses freed memory when recursively using 'quickfixtextfunc.' This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap...
CVE-2022-2845
Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...
CVE-2022-2598
A flaw was found in vim. The vulnerability occurs due to Illegal memory access and leads to a heap buffer overflow vulnerability. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. Mitigation Untrusted vim scripts with -s scriptin are not...
CVE-2022-2580
A flaw was found in vim. The vulnerability occurs due to illegal memory access and leads to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...
CVE-2022-2304
A stack-based buffer overflow vulnerability was found in Vim's spelldumpcompl function of the src/spell.c file. This issue occurs because the spell dump goes beyond the end of an array when crafted input is processed. This flaw allows an attacker to trick a user into opening a specially crafted...
CVE-2022-2289
Use After Free in GitHub repository vim/vim prior to 9.0. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...
CVE-2022-2288
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...
CVE-2022-2285
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...
CVE-2022-2207
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...
CVE-2022-2183
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...
CVE-2022-2000
An out-of-bounds write vulnerability was found in Vim's appendcommand function of the src/exdocmd.c file. This issue occurs when an error for a command goes over the end of IObuff. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap buffer overflo...