62 matches found
CLSA-2023-1695063445 vim: Fix of CVE-2023-4733
CVE-2023-4733: verify oldwin pointer after resetVIsual...
USN-6026-1 vim vulnerabilities
It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. This issue only affected Ubuntu 20.04 LTS. CVE-2021-4166 It was discovered that Vim was using freed memory when dealing...
SUSE CVE-2017-2928
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution...
ANSI Escape Sequence Injection
Description Injection of escape sequences opens up the possibility for concealing / modifying viewed data, and code execution as some esc seqs feed data back to stdin. Proof of Concept poc So far, the places I managed to find a successful injection are: - when running id from the file name - func...
CLSA-2022-1658171898 Fixed 7 CVEs in vim
CVE-2022-2206: adjust cmdlinerow and msgrow to the value of Rows - CVE-2022-2284: stop visual mode when closing a window - CVE-2022-2285: put a NUL after the typeahead - CVE-2022-2286: check the length of the string - CVE-2022-2287: disallow adding a word with control characters or a trailing...
CLSA-2022-1653933185 Fixed CVEs in vim: CVE-2022-1735, CVE-2022-1733
CVE-2022-1733: fix reading past end of the line when C-indenting - CVE-2022-1735: fix invalid memory access caused by changing text in Visual mode...
CLSA-2022-1653932706 Fixed CVEs in vim: CVE-2022-1733, CVE-2022-1735
CVE-2022-1733: fix reading past end of the line when C-indenting - CVE-2022-1735: fix invalid memory access caused by changing text in Visual mode...
CLSA-2022-1653917554 Fix CVE(s): CVE-2022-1733, CVE-2022-1735
SECURITY UPDATE: Reading past end of the line when C-indenting - debian/patches/CVE-2022-1733.patch: Add extra check for NUL - CVE-2022-1733 SECURITY UPDATE: Invalid memory access when changing text in Visual mode - debian/patches/CVE-2022-1735.patch: Check the Visual position after making a chan...
USN-5433-1 vim vulnerabilities
It was discovered that Vim incorrectly handled parsing of filenames in its search functionality. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. CVE-2021-3973 It was discovered that Vim incorrectly handled memo...
vim: Illegal memory access when copying lines in visual mode leads to heap buffer overflow
A flaw was found in vim. The vulnerability occurs due to illegal memory access when copying lines in visual mode and leads to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution...
CLSA-2022-1644855867 Fix CVE(s): CVE-2022-0351, CVE-2022-0359, CVE-2022-0368, CVE-2022-0361
SECURITY UPDATE: Condition with many "" causes a crash - debian/patches/CVE-2022-0351.patch: Limit recursion depth to 1000 - CVE-2022-0351 SECURITY UPDATE: Illegal memory access with large tabstop in Ex mode - debian/patches/CVE-2022-0359.patch: Allocate enough memory - CVE-2022-0359 SECURITY...
CLSA-2022-1644855795 Fixed CVEs in vim: CVE-2022-0359, CVE-2022-0351, CVE-2022-0368, CVE-2022-0361
CVE-2022-0351: fix crash caused by too deep recursion - CVE-2022-0359: fix illegal memory access with large tabstop in ex mode - CVE-2022-0361: fix illegal memory access when copying lines in visual mode - CVE-2022-0368: fix illegal memory access when undo makes visual area invalid...
Fix of CVE: CVE-2022-0351, CVE-2022-0368, CVE-2022-0359, CVE-2022-0361
CVE-2022-0351: fix crash caused by too deep recursion - CVE-2022-0359: fix illegal memory access with large tabstop in ex mode - CVE-2022-0361: fix illegal memory access when copying lines in visual mode - CVE-2022-0368: fix illegal memory access when undo makes visual area invalid...
Subrion SQL Injection Vulnerability
Subrion is a powerful and easy-to-use PHP content management system with powerful features such as full-source editing, per-page permissions, user activity monitoring, etc. A SQL injection vulnerability exists in visual-mode in Subrion version 4.2.1. An attacker can use this vulnerability to obta...
CVE-2021-41947
A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode...
SQL injection
A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode...
Subrion CMS SQL Injection Vulnerability
Subrion is a powerful and easy-to-use PHP content management system with powerful features such as full-source editing, per-page permissions, user activity monitoring, etc. A SQL injection vulnerability exists in visual-mode in Subrion version 4.2.1. An attacker can use this vulnerability to obta...
[ASA-201701-17] lib32-flashplugin: multiple issues
Arch Linux Security Advisory ASA-201701-17 ========================================== Severity: Critical Date : 2017-01-12 CVE-ID : CVE-2017-2925 CVE-2017-2926 CVE-2017-2927 CVE-2017-2928 CVE-2017-2930 CVE-2017-2931 CVE-2017-2932 CVE-2017-2933 CVE-2017-2934 CVE-2017-2935 CVE-2017-2936 CVE-2017-29...