CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command...

7.8CVSS0.00047EPSS

Exploits1References7

Veracode•added 2022/08/30 12:18 a.m.•24 views

Denial Of Service (DoS)

vim/vim is vulnerable to denial of service. The vulnerability exists due to a null pointer occurs when using :mkspell with an empty .dic file which allows an attacker to cause an application crash...

5.5CVSS6.1AI score0.00037EPSS

Exploits1References6Affected Software1

Veracode•added 2022/06/26 4:59 p.m.•37 views

Denial Of Service (DoS)

vim is vulnerable to denial of service. The vulnerability exists due to the usage of invalid index when looking for spell suggestions which causes out-of-bound reads which then lead to an application crash...

7.8CVSS7.4AI score0.00174EPSS

Exploits1References17Affected Software1

RedhatCVE•added 2022/06/22 6:36 a.m.•33 views

CVE-2022-1720

A heap buffer over-read vulnerability was found in Vim's grabfilename function of the src/findfile.c file. This flaw occurs because the function reads after the NULL terminates the line with "gf" in Visual block mode. This flaw allows an attacker to trick a user into opening a specially crafted...

7.8CVSS2AI score0.00529EPSS

Exploits1References3

UbuntuCve•added 2022/01/14 1:15 p.m.•22 views

CVE-2022-0213

vim is vulnerable to Heap-based Buffer Overflow...

6.8CVSS6.9AI score0.00149EPSS

Exploits1References4

UbuntuCve•added 2022/01/06 5:15 p.m.•34 views

CVE-2022-0128

vim is vulnerable to Out-of-bounds Read...

7.8CVSS7.1AI score0.00341EPSS

Exploits1References2

Prion•added 2021/12/29 5:15 p.m.•17 views

Design/Logic Flaw

vim is vulnerable to Use After Free...

6.8CVSS6.9AI score0.0029EPSS

Exploits1References12Affected Software4

UbuntuCve•added 2021/12/25 7:15 p.m.•36 views

CVE-2021-4166

vim is vulnerable to Out-of-bounds Read...

7.1CVSS7.1AI score0.00368EPSS

Exploits1References2

UbuntuCve•added 2021/12/19 5:15 p.m.•39 views

CVE-2021-4136

vim is vulnerable to Heap-based Buffer Overflow...

7.8CVSS7.1AI score0.00301EPSS

Exploits1References3

NVD•added 2021/11/05 3:15 p.m.•17 views

CVE-2021-3928

vim is vulnerable to Use of Uninitialized Variable...

7.8CVSS0.00051EPSS

Exploits1References9

UbuntuCve•added 2021/09/06 12:15 p.m.•27 views

CVE-2021-3770

vim is vulnerable to Heap-based Buffer Overflow...

8.6CVSS7.1AI score0.00273EPSS

Exploits1References7

Debian CVE•added 2021/09/06 12:0 a.m.•20 views

CVE-2021-3770

vim is vulnerable to Heap-based Buffer Overflow...

8.6CVSS7.6AI score0.00273EPSS

Exploits1

Amazon•added 2019/08/07 12:0 a.m.•70 views

Important: vim

Issue Overview: It was found that the :source! command was not restricted by the sandbox mode. If modeline was explicitly enabled, opening a specially crafted text file in vim could result in arbitrary command execution. CVE-2019-12735 Affected Packages: vim Note: This advisory is applicable to...

9.3CVSS9.3AI score0.54077EPSS

Exploits5

seebug.org•added 2014/07/01 12:0 a.m.•15 views

Vim <= 7.1.314 - Insufficient Shell Escaping Multiple Command Execution Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30795/info Vim is prone to multiple command-execution vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Successfully exploiting these issues can allow an attacker to execute...

7.1AI score

Exploits0

Cvelist•added 2008/06/16 9:0 p.m.•23 views

CVE-2008-2712

Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using 1 filetype.vim, 3 xpm.vim, 4 gzipvim, and 5 netrw. NOTE: the...

9.2AI score0.16974EPSS

Exploits0References40

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by