EUVD-2026-17160

Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %expr injection occurs with tabpanel lacking PMLE...

EUVD-2023-50477

Malicious code in bioql PyPI...

EUVD-2023-52745

Malicious code in bioql PyPI...

AZL-31702 CVE-2023-46246 affecting package vim for versions less than 9.0.2112-1

Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file src/alloc.c at line 748, which is freed in the file src/exdocmd.c in the function docmdline at line 1010 and then used again in src/cmdhist.c at line 759...

The vulnerability of the ins-compl_get_exp function in the Vim text editor allows a hacker to execute arbitrary code.

The vulnerability of the ins-complgetexp function in the Vim text editor is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to perform arbitrary commands...

SUSE CVE-2019-12735

getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assertfails or nviminput in Neovim...

Vim text editor’s do_string_sub() function vulnerability, allowing a hacker to execute arbitrary code

The vulnerability of the dostringsub function in the Vim text editor is related to a boundary error in processing unreliable input data. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of the getvcol function in the src/charset.c component of the Vim text editor allows a hacker to gain access to confidential data.

The vulnerability of the getvcol function in the src/charset.c file of the Vim text editor is related to the escape character being interpreted beyond its intended scope when using /%V. Exploiting this vulnerability allows an attacker to gain access to confidential data...

The vulnerability of the vim_regcomp() function in the Vim text editor allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the vimregcomp function in the Vim text editor is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the do_tag() function in the Vim text editor allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dotag function in the Vim text editor is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the string_quote() function in the Vim text editor allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the stringquote function in the Vim text editor is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of Vim editor, related to reading beyond the buffer’s boundaries, allows a hacker to execute arbitrary commands.

The vulnerability of the Vim editor is related to reading beyond the buffer boundaries. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by running a script using the parameter -s in the command line...