32 matches found
CLSA-2026-1777542146 vim: Fix of 3 CVEs
CVE-2023-1170: at the end of doput ops.c, clamp the cursor column back to the line length and recompute coladd under virtualedit=all so a Visual block put past the new NUL no longer leaves the cursor pointing past end-of-line. - CVE-2023-1175: in opyank ops.c, when the yank starts inside a...
CVE-2023-31874
Yank Note YN 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire'childprocess'...
EUVD-2023-36164
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-4382
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a device tha...
CVE-2024-46838
...
Zerocopy: Some Ref methods are unsound with some type parameters
The Ref methods intoref, intomut, intoslice, and intoslicemut are unsound and may allow safe code to exhibit undefined behavior when used with Ref where B is cell::Ref or cell::RefMut. Note that these methods remain sound when used with B types other than cell::Ref or cell::RefMut. See...
GHSA-RJHF-4MH8-9XJQ Zerocopy: Some Ref methods are unsound with some type parameters
The Ref methods intoref, intomut, intoslice, and intoslicemut are unsound and may allow safe code to exhibit undefined behavior when used with Ref where B is cell::Ref or cell::RefMut. Note that these methods remain sound when used with B types other than cell::Ref or cell::RefMut. See...
Ref methods into_ref, into_mut, into_slice, and into_slice_mut are unsound when used with cell::Ref or cell::RefMut
This advisory is also published as RUSTSEC-2023-0074. The Ref methods intoref, intomut, intoslice, and intoslicemut are unsound and may allow safe code to exhibit undefined behavior when used with Ref where B is cell::Ref or cell::RefMut. Note that these methods remain sound when used with B type...
GHSA-3MV5-343C-W2QG Ref methods into_ref, into_mut, into_slice, and into_slice_mut are unsound when used with cell::Ref or cell::RefMut
This advisory is also published as RUSTSEC-2023-0074. The Ref methods intoref, intomut, intoslice, and intoslicemut are unsound and may allow safe code to exhibit undefined behavior when used with Ref where B is cell::Ref or cell::RefMut. Note that these methods remain sound when used with B type...
Some Ref methods are unsound with some type parameters
The Ref methods intoref, intomut, intoslice, and intoslicemut are unsound and may allow safe code to exhibit undefined behavior when used with Ref where B is cell::Ref or cell::RefMut. Note that these methods remain sound when used with B types other than cell::Ref or cell::RefMut. See...
The vulnerability in the yank_copy_line function of the register.c component of the Vim text editor allows a hacker to gain access to confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the yankcopyline function in the register.c component of the Vim text editor is related to incorrect calculation of buffer size. Exploiting this vulnerability may allow an attacker to access confidential data, compromise its integrity, and even cause service interruptions...
USN-6195-1 vim vulnerabilities
It was discovered that Vim contained an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2022-0128 It was discovered that Vim did not properly manage memory when freeing allocated memory. An attacker could...
CVE-2023-31874
Yank Note YN 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire'childprocess'...
CVE-2023-31874
Yank Note YN 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire'childprocess'...
CVE-2023-31874
Yank Note YN 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire'childprocess'...
Code injection
Yank Note YN 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire'childprocess'...
CVE-2023-31874
Yank Note YN 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire'childprocess'...
CVE-2023-31874
Yank Note YN 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire'childprocess'...
PT-2023-23501 · Yank Note · Yank Note
Name of the Vulnerable Software and Affected Versions: Yank Note YN version 3.52.1 Description: The issue allows for the execution of arbitrary code when a crafted file is opened. This can be achieved, for example, via nodeRequire'child process'. Recommendations: For Yank Note YN version 3.52.1,...
CVE-2023-31874
CVE-2023-31874 affects Yank Note (YN) v3.52.1. The vulnerability allows execution of arbitrary code when opening a crafted file, driven by the app’s use of nodeRequire('child_process') in an Electron-based environment. Reported exploits/PoCs exist (e.g., PacketStorm/Exploit-DB materials), confirm...