Lucene search
K

450 matches found

OSV
OSV
added 2026/03/12 7:17 p.m.5 views

CVE-2026-32249 NFA regex engine NULL pointer dereference affects Vim < 9.2.0137

Vim is an open source, command line text editor. From 9.1.0011 to before 9.2.0137, Vim's NFA regex compiler, when encountering a collection containing a combining character as the endpoint of a character range e.g. 0-0\u05bb, incorrectly emits the composing bytes of that character as separate NFA...

5.3CVSS5.8AI score0.00133EPSS
Exploits0References5
Fedora
Fedora
added 2026/03/08 1:26 a.m.4 views

[SECURITY] Fedora 43 Update: vim-9.2.112-2.fc43

VIM VIsual editor iMproved is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more...

7.8CVSS5.8AI score0.01162EPSS
Exploits0
OSV
OSV
added 2026/03/06 12:41 p.m.4 views

OESA-2026-1501 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

7.5CVSS6AI score0.00284EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/03/06 12:0 a.m.4 views

The vulnerability of the Vim text editor, related to reading beyond the buffer in memory, allows a hacker to trigger a service failure.

The vulnerability of the Vim text editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

4.4CVSS6.2AI score0.00177EPSS
Exploits0References11Affected Software7
BDU FSTEC
BDU FSTEC
added 2026/03/06 12:0 a.m.4 views

The vulnerability of the Vim text editor, related to reading beyond the buffer in memory, allows a hacker to cause a service failure.

The vulnerability of the Vim text editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

5.3CVSS6.3AI score0.00168EPSS
Exploits0References11Affected Software7
BDU FSTEC
BDU FSTEC
added 2026/03/06 12:0 a.m.4 views

The vulnerability of the Vim text editor, related to buffer overflow in dynamic memory, allows attackers to cause a service failure.

The vulnerability of the Vim text editor is related to overflowing the buffer in dynamic memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

5.3CVSS5.9AI score0.00177EPSS
Exploits0References11Affected Software10
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.5 views

Vim < 9.2.0074 Heap-based Buffer Overflow (GHSA-h4mf-vg97-hj8j)

The version of Vim installed on the remote host is prior to 9.2.0074. It is, therefore, affected by a vulnerability as referenced in the GHSA-h4mf-vg97-hj8j advisory. - Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exis...

5.5CVSS6.2AI score0.0022EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/03/03 12:24 a.m.4 views

SUSE CVE-2026-28422

Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in buildstlstrhl when rendering a statusline with a multi-byte fill character on a very wide terminal. Version 9.2.0078 patches the issue...

3.3CVSS5.8AI score0.00142EPSS
Exploits0References3
OSV
OSV
added 2026/02/27 10:16 p.m.6 views

AZL-78500 CVE-2026-28421 affecting package vim 9.1.1616-1

Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault SEGV exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issu...

7.8CVSS5.8AI score0.00177EPSS
Exploits0References1
NVD
NVD
added 2026/02/27 10:16 p.m.8 views

CVE-2026-28422

Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in buildstlstrhl when rendering a statusline with a multi-byte fill character on a very wide terminal. Version 9.2.0078 patches the issue...

2.2CVSS0.00142EPSS
Exploits0References4
NVD
NVD
added 2026/02/27 10:16 p.m.12 views

CVE-2026-28419

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...

6.6CVSS0.00168EPSS
Exploits0References4
NVD
NVD
added 2026/02/27 10:16 p.m.9 views

CVE-2026-28418

Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...

5.5CVSS0.0022EPSS
Exploits0References4
OSV
OSV
added 2026/02/27 10:16 p.m.5 views

ALPINE-CVE-2026-28419

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...

6.6CVSS6AI score0.00168EPSS
Exploits0References1
OSV
OSV
added 2026/02/27 10:16 p.m.8 views

AZL-78512 CVE-2026-28422 affecting package vim 9.1.1616-1

Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in buildstlstrhl when rendering a statusline with a multi-byte fill character on a very wide terminal. Version 9.2.0078 patches the issue...

2.2CVSS5.7AI score0.00142EPSS
Exploits0References1
OSV
OSV
added 2026/02/27 10:16 p.m.6 views

ALPINE-CVE-2026-28417

Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL e.g., using the scp:// protocol handler, an attacker can execute arbitrary shell command...

7.8CVSS6.1AI score0.01162EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/02/27 10:16 p.m.4 views

CVE-2026-28421

Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault SEGV exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issu...

7.8CVSS5.9AI score0.00177EPSS
Exploits0References6
OSV
OSV
added 2026/02/27 10:16 p.m.4 views

UBUNTU-CVE-2026-28421

Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault SEGV exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issu...

7.8CVSS5.8AI score0.00177EPSS
Exploits0References7
OSV
OSV
added 2026/02/27 10:16 p.m.7 views

UBUNTU-CVE-2026-28422

Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in buildstlstrhl when rendering a statusline with a multi-byte fill character on a very wide terminal. Version 9.2.0078 patches the issue...

2.2CVSS5.8AI score0.00142EPSS
Exploits0References7
OSV
OSV
added 2026/02/27 10:16 p.m.10 views

UBUNTU-CVE-2026-28418

Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...

5.5CVSS6.2AI score0.0022EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/02/27 10:16 p.m.7 views

CVE-2026-28420

Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue...

4.4CVSS6AI score0.00177EPSS
Exploits0References6
Rows per page
Query Builder