EUVD-2025-24191

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-55157

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during...

CVE-2025-55158

A double-free vulnerability was found in Vim. This flaw allows an attacker to trick a user into processing a specially crafted file to trigger the double-free, causing the application to crash. Mitigation Do not run untrusted vim scripts as it's not recommended...

SUSE CVE-2025-55157

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim's internal tuple reference management. Specifically, the tupleunref function may access alread...

CVE-2025-55158

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value typvalT management. Specifically, the cleartv...

CVE-2025-55157

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tupleunref function may access alread...

CVE-2025-55157

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tupleunref function may access alread...

UBUNTU-CVE-2025-55158

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value typvalT management. Specifically, the cleartv...

UBUNTU-CVE-2025-55157

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tupleunref function may access alread...

CVE-2025-55157 Vim heap use-after-free vulnerability when processing recursive tuple data types

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tupleunref function may access alread...

CVE-2025-55157

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tupleunref function may access alread...

CVE-2025-55157

Vim (ed. notated as 9.1.x) is affected by CVE-2025-55157 in versions 9.1.1231 through before 9.1.1400. Root cause: use-after-free in internal tuple reference management (tuple_unref) when evaluating nested Vim script tuples, potentially allowing memory corruption. The exploit requires user intera...

CVE-2025-55157 Vim heap use-after-free vulnerability when processing recursive tuple data types

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tupleunref function may access alread...

PT-2025-32593 · Vim · Vim

Name of the Vulnerable Software and Affected Versions: Vim versions 9.1.1231 through 9.1.1399 Description: Vim is a command line text editor. An error during evaluation when processing nested tuples in Vim script can trigger a use-after-free in Vim’s internal tuple reference management. The tuple...

CVE-2022-2581

A flaw was found in vim. The vulnerability occurs due to illegal memory access and leads to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...

CVE-2022-0417

A flaw was found in vim. The vulnerability occurs due to illegal memory access and leads to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...

Netrw Vim Script - 's:BrowserMaps()' Command Execution

source: https://www.securityfocus.com/bid/30254/info Netrw is prone to a command-execution vulnerability because the application fails to sufficiently sanitize user-supplied data. Successfully exploiting this issue can allow an attacker to execute arbitrary commands with the privileges of the use...

Netrw Vim脚本多个命令执行漏洞

BUGTRAQ ID: 30115 CNCAN ID：CNCAN-2008070807 Netrw是一款VIM的支持远程文件读写的插件。 Netrw不正确过滤用户提交的数据，远程攻击者可以利用漏洞以应用程序权限执行任意命令。 多个地方Netrw $VIMRUNTIME/autoload/netrw.vim没有正确过滤用于SHELL参数的文件名数据。 使用特殊构建的文件名调用mz''命令可导致任意代码执行。 使用特殊构建的目录名调用mc''命令可导致任意代码执行。 构建特殊的文件名或者特殊的目录名，运行D'命令可导致任意代码执行。 Dr Chip netrw 125 目前没有解决方案提供：...

Netrw 125 Vim Script - Multiple Command Execution Vulnerabilities

source: https://www.securityfocus.com/bid/30115/info Netrw is prone to multiple command-execution vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Successfully exploiting these issues can allow an attacker to execute arbitrary commands with the privileges...

vim-exec.txt

Summary Product : Vim -- Vi IMproved Version : Tested with 7.1.314 and 6.4 Impact : Arbitrary code execution Wherefrom: Local and remote Original : http://www.rdancer.org/vulnerablevim.html Improper quoting in some parts of Vim written in the Vim Script can lead to arbitrary code execution upon...