Lucene search
K

441 matches found

CNNVD
CNNVD
added 2026/03/30 12:0 a.m.8 views

Vim 操作系统命令注入漏洞

Vim is an open-source, cross-platform text editor developed by Vim developers. Versions of Vim prior to 9.2.0272 contained a vulnerability related to operating system command injection. This vulnerability occurred when opening specially crafted files, potentially allowing code execution...

9.2CVSS6.4AI score0.00588EPSS
Exploits0References5
OSV
OSV
added 2026/03/27 2:8 p.m.3 views

OESA-2026-1781 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

7.3CVSS6AI score0.00834EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/24 7:43 p.m.28 views

CVE-2026-33412 Vim affected by Command injection via newline in glob()

Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on Unix-like systems. By including a newline character \n in a pattern passed to glob, an attacker may be able to execute arbitrary shell commands. This...

5.6CVSS0.00834EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/24 7:43 p.m.5 views

EUVD-2026-14998

Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on Unix-like systems. By including a newline character \n in a pattern passed to glob, an attacker may be able to execute arbitrary shell commands. This...

5.6CVSS6AI score0.00834EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/24 7:43 p.m.25 views

CVE-2026-33412

Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on Unix-like systems. By including a newline character \n in a pattern passed to glob, an attacker may be able to execute arbitrary shell commands. This...

5.6CVSS6AI score0.00834EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/24 12:0 a.m.13 views

Alibaba Cloud Linux 3 : 0057: vim (ALINUX3-SA-2026:0057)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0057 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-25749: Vim is an open source, command line...

6.6CVSS6.1AI score0.00213EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/03/22 12:23 a.m.5 views

SUSE CVE-2026-33412

Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on Unix-like systems. By including a newline character \n in a pattern passed to glob, an attacker may be able to execute arbitrary shell commands. This...

5.3CVSS6AI score0.00834EPSS
Exploits0References19
Fedora
Fedora
added 2026/03/20 12:18 a.m.7 views

[SECURITY] Fedora 44 Update: vim-9.2.148-1.fc44

VIM VIsual editor iMproved is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more...

7.8CVSS5.9AI score0.01162EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/03/13 1:15 p.m.13 views

SUSE CVE-2026-32249

Vim is an open source, command line text editor. From 9.1.0011 to before 9.2.0137, Vim's NFA regex compiler, when encountering a collection containing a combining character as the endpoint of a character range e.g. 0-0\u05bb, incorrectly emits the composing bytes of that character as separate NFA...

5.5CVSS5.8AI score0.00133EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/03/12 8:16 p.m.8 views

CVE-2026-32249

Vim is an open source, command line text editor. From 9.1.0011 to before 9.2.0137, Vim's NFA regex compiler, when encountering a collection containing a combining character as the endpoint of a character range e.g. 0-0\u05bb, incorrectly emits the composing bytes of that character as separate NFA...

5.5CVSS5.9AI score0.00133EPSS
Exploits0References3
OSV
OSV
added 2026/03/12 8:16 p.m.4 views

UBUNTU-CVE-2026-32249

Vim is an open source, command line text editor. From 9.1.0011 to before 9.2.0137, Vim's NFA regex compiler, when encountering a collection containing a combining character as the endpoint of a character range e.g. 0-0\u05bb, incorrectly emits the composing bytes of that character as separate NFA...

5.5CVSS6.1AI score0.00133EPSS
Exploits0References4
OSV
OSV
added 2026/03/12 7:17 p.m.5 views

CVE-2026-32249 NFA regex engine NULL pointer dereference affects Vim < 9.2.0137

Vim is an open source, command line text editor. From 9.1.0011 to before 9.2.0137, Vim's NFA regex compiler, when encountering a collection containing a combining character as the endpoint of a character range e.g. 0-0\u05bb, incorrectly emits the composing bytes of that character as separate NFA...

5.3CVSS5.8AI score0.00133EPSS
Exploits0References5
Fedora
Fedora
added 2026/03/08 1:26 a.m.4 views

[SECURITY] Fedora 43 Update: vim-9.2.112-2.fc43

VIM VIsual editor iMproved is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more...

7.8CVSS5.8AI score0.01162EPSS
Exploits0
OSV
OSV
added 2026/03/06 12:41 p.m.4 views

OESA-2026-1501 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

7.5CVSS6AI score0.00284EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.4 views

Vim < 9.2.0074 Heap-based Buffer Overflow (GHSA-h4mf-vg97-hj8j)

The version of Vim installed on the remote host is prior to 9.2.0074. It is, therefore, affected by a vulnerability as referenced in the GHSA-h4mf-vg97-hj8j advisory. - Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exis...

5.5CVSS6.2AI score0.0022EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/03/06 12:0 a.m.3 views

The vulnerability of the Vim text editor, related to reading beyond the buffer in memory, allows a hacker to cause a service failure.

The vulnerability of the Vim text editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

5.3CVSS6.3AI score0.00168EPSS
Exploits0References11Affected Software7
BDU FSTEC
BDU FSTEC
added 2026/03/06 12:0 a.m.3 views

The vulnerability of the Vim text editor, related to buffer overflow in dynamic memory, allows attackers to cause a service failure.

The vulnerability of the Vim text editor is related to overflowing the buffer in dynamic memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

5.3CVSS5.9AI score0.00177EPSS
Exploits0References11Affected Software10
BDU FSTEC
BDU FSTEC
added 2026/03/06 12:0 a.m.3 views

The vulnerability of the Vim text editor, related to reading beyond the buffer in memory, allows a hacker to trigger a service failure.

The vulnerability of the Vim text editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

4.4CVSS6.2AI score0.00177EPSS
Exploits0References11Affected Software7
SUSE CVE
SUSE CVE
added 2026/03/03 12:24 a.m.4 views

SUSE CVE-2026-28422

Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in buildstlstrhl when rendering a statusline with a multi-byte fill character on a very wide terminal. Version 9.2.0078 patches the issue...

3.3CVSS5.8AI score0.00142EPSS
Exploits0References3
OSV
OSV
added 2026/02/27 10:16 p.m.6 views

AZL-78500 CVE-2026-28421 affecting package vim 9.1.1616-1

Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault SEGV exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issu...

7.8CVSS5.8AI score0.00177EPSS
Exploits0References1
Rows per page
Query Builder