CLSA-2026-1777558504 vim: Fix of 10 CVEs

CVE-2021-3928: in suggesttriewalk only credit a non-word-char boundary with SCORENONWORD when preword is non-empty, so spell suggestions do not read uninitialized memory behind preword. - CVE-2021-3974: in nfaregmatch NFAMARK / NFAMARKGT / NFAMARKLT, save reginput - regline and re-fetch regline...

CLSA-2026-1777545655 vim: Fix of 10 CVEs

CVE-2021-3928: in suggesttriewalk only credit a non-word-char boundary with SCORENONWORD when preword is non-empty, so spell suggestions do not read uninitialized memory behind preword. - CVE-2021-3974: in nfaregmatch NFAMARK / NFAMARKGT / NFAMARKLT, save reginput - regline and re-fetch regline...

Important: vim

Issue Overview: When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctl...

Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2026-1584)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1584 advisory. When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore ma...

Unity Linux 20.1070e Security Update: vim (UTSA-2026-006151)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006151 advisory. When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end...

CLSA-2026-1767712744 vim: Fix of 2 CVEs

CVE-2025-22134: correctly reset the visual mode before opening other windows and buffers - CVE-2025-24014: skip the redraw attempt that accesses an unallocated variable...

CLSA-2025-1765286037 Fix CVE(s): CVE-2025-22134

SECURITY UPDATE: Heap-buffer overflow when switching buffers in visual mode - debian/patches/CVE-2025-22134.patch: fix visual mode heap-buffer-overflow by resetting VIsual mode on :all - CVE-2025-22134...

CLSA-2025-1761576318 Fix CVE(s): CVE-2022-3520

SECURITY UPDATE: Heap-based Buffer Overflow in visual mode - debian/patches/CVE-2022-3520.patch: check that the column does not become negative - CVE-2022-3520...

EUVD-2021-28942

Malicious code in bioql PyPI...

EUVD-2025-2654

Malicious code in bioql PyPI...

CVE-2021-41947

A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode...

EulerOS 2.0 SP10 : vim (EulerOS-SA-2025-1542)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does no...

EulerOS 2.0 SP12 : vim (EulerOS-SA-2025-1441)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does no...

EulerOS 2.0 SP11 : vim (EulerOS-SA-2025-1379)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does no...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2025-1380)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP11 : vim (EulerOS-SA-2025-1380)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does no...

Linux Distros Unpatched Vulnerability : CVE-2025-22134

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly...

Security update for vim

This update for vim fixes the following issues: Update to version 9.1.1101: CVE-2024-43790: possible out-of-bounds read when performing a search command bsc1229685. CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer bsc1229822. CVE-2024-45306: heap buffer...

OESA-2025-1166 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

Azure Linux 3.0 Security Update: vim (CVE-2025-22134)

The version of vim installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22134 advisory. - When switching to other buffers using the :all command and visual mode still being active, this May cause a...