Vim Security Vulnerabilities and Issues — Page 2 of Vim CVE List

Lucene search

VimVim

126 matches found

CVE•added 2021/12/19 5:15 p.m.•180 views

CVE-2021-4136

vim is vulnerable to Heap-based Buffer Overflow

7.8CVSS8.3AI score0.00154EPSS

CVE•added 2023/08/07 1:15 p.m.•175 views

CVE-2023-3896

Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3

7.8CVSS5.5AI score0.00445EPSS

CVE•added 2022/05/07 7:15 p.m.•173 views

CVE-2022-1616

Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution

7.8CVSS7.9AI score0.00088EPSS

CVE•added 2022/06/02 2:15 p.m.•172 views

CVE-2022-1968

Use After Free in GitHub repository vim/vim prior to 8.2.

7.8CVSS7.7AI score0.00129EPSS

CVE•added 2022/09/25 7:15 p.m.•169 views

CVE-2022-3297

Use After Free in GitHub repository vim/vim prior to 9.0.0579.

7.8CVSS7.7AI score0.00056EPSS

CVE•added 2022/09/25 5:15 p.m.•168 views

CVE-2022-3296

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577.

7.8CVSS7.7AI score0.00052EPSS

CVE•added 2022/01/06 5:15 p.m.•167 views

CVE-2022-0128

vim is vulnerable to Out-of-bounds Read

7.8CVSS7.6AI score0.00239EPSS

CVE•added 2022/06/10 7:15 p.m.•166 views

CVE-2022-2042

Use After Free in GitHub repository vim/vim prior to 8.2.

7.8CVSS7.6AI score0.00122EPSS

CVE•added 2022/05/17 5:15 p.m.•165 views

CVE-2022-1733

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.

7.8CVSS7.1AI score0.00038EPSS

CVE•added 2022/09/17 10:15 p.m.•165 views

CVE-2022-3234

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483.

7.8CVSS7.8AI score0.00052EPSS

CVE•added 2022/09/18 8:15 p.m.•163 views

CVE-2022-3235

Use After Free in GitHub repository vim/vim prior to 9.0.0490.

7.8CVSS7.7AI score0.00049EPSS

CVE•added 2021/10/15 2:15 p.m.•161 views

CVE-2021-3875

vim is vulnerable to Heap-based Buffer Overflow

7.8CVSS6.3AI score0.00108EPSS

CVE•added 2022/06/28 8:15 p.m.•161 views

CVE-2022-2231

NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.

7.8CVSS6.4AI score0.00072EPSS

CVE•added 2021/12/27 1:15 p.m.•160 views

CVE-2021-4173

vim is vulnerable to Use After Free

7.8CVSS7.4AI score0.00206EPSS

CVE•added 2023/09/05 7:15 p.m.•160 views

CVE-2023-4781

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.

7.8CVSS7.7AI score0.00031EPSS

CVE•added 2022/05/08 10:15 a.m.•158 views

CVE-2022-1619

Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution

7.8CVSS7.3AI score0.00387EPSS

CVE•added 2021/12/29 5:15 p.m.•157 views

CVE-2021-4187

vim is vulnerable to Use After Free

7.8CVSS7.9AI score0.00354EPSS

CVE•added 2023/10/11 8:15 p.m.•157 views

CVE-2023-5535

Use After Free in GitHub repository vim/vim prior to v9.0.2010.

7.8CVSS7.7AI score0.00023EPSS

CVE•added 2022/05/19 1:15 p.m.•156 views

CVE-2022-1785

Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977.

7.8CVSS7.6AI score0.00033EPSS

CVE•added 2022/06/27 12:15 p.m.•154 views

CVE-2022-2207

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

7.8CVSS7.8AI score0.00114EPSS

CVE•added 2022/12/03 1:15 p.m.•154 views

CVE-2022-3491

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742.

7.8CVSS5.8AI score0.00018EPSS

CVE•added 2019/12/30 1:15 a.m.•152 views

CVE-2019-20079

The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.

7.8CVSS7.5AI score0.00194EPSS

CVE•added 2022/06/19 12:15 p.m.•152 views

CVE-2022-2125

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

7.8CVSS7.8AI score0.00153EPSS

CVE•added 2022/07/08 10:15 p.m.•152 views

CVE-2022-2345

Use After Free in GitHub repository vim/vim prior to 9.0.0046.

7.8CVSS7.8AI score0.00036EPSS

CVE•added 2023/01/30 4:15 p.m.•152 views

CVE-2023-0512

Divide By Zero in GitHub repository vim/vim prior to 9.0.1247.

7.8CVSS7.3AI score0.00013EPSS

CVE•added 2022/09/29 12:15 p.m.•150 views

CVE-2022-3352

Use After Free in GitHub repository vim/vim prior to 9.0.0614.

7.8CVSS7.8AI score0.00021EPSS

CVE•added 2022/12/02 5:15 p.m.•146 views

CVE-2022-3591

Use After Free in GitHub repository vim/vim prior to 9.0.0789.

7.8CVSS7.7AI score0.00075EPSS

CVE•added 2024/02/05 8:15 a.m.•146 views

CVE-2024-22667

Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.

7.8CVSS7.7AI score0.00179EPSS

CVE•added 2022/05/27 9:15 a.m.•143 views

CVE-2022-1898

Use After Free in GitHub repository vim/vim prior to 8.2.

7.8CVSS7.8AI score0.00187EPSS

CVE•added 2022/03/30 7:15 p.m.•140 views

CVE-2022-1160

heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647.

7.8CVSS7.6AI score0.00115EPSS

CVE•added 2022/05/17 7:15 p.m.•140 views

CVE-2022-1735

Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969.

7.8CVSS7AI score0.0017EPSS

CVE•added 2022/05/25 1:15 p.m.•140 views

CVE-2022-1851

Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.

7.8CVSS7.7AI score0.0011EPSS

CVE•added 2022/06/27 1:15 p.m.•139 views

CVE-2022-2208

NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163.

7.8CVSS6.5AI score0.00062EPSS

CVE•added 2022/09/06 8:15 p.m.•139 views

CVE-2022-3134

Use After Free in GitHub repository vim/vim prior to 9.0.0389.

7.8CVSS7.7AI score0.00033EPSS

CVE•added 2022/06/20 3:15 p.m.•138 views

CVE-2022-1720

Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.

7.8CVSS7AI score0.00595EPSS

CVE•added 2022/06/26 7:15 p.m.•138 views

CVE-2022-2206

Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.

7.8CVSS7.7AI score0.00108EPSS

CVE•added 2022/08/30 9:15 p.m.•138 views

CVE-2022-3037

Use After Free in GitHub repository vim/vim prior to 9.0.0322.

7.8CVSS7.7AI score0.00044EPSS

CVE•added 2022/05/19 4:15 p.m.•136 views

CVE-2022-1796

Use After Free in GitHub repository vim/vim prior to 8.2.4979.

7.8CVSS7AI score0.00061EPSS

CVE•added 2022/06/19 1:15 p.m.•132 views

CVE-2022-2126

Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.

7.8CVSS7.8AI score0.00097EPSS

CVE•added 2023/01/20 7:15 p.m.•129 views

CVE-2022-47024

A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts.

7.8CVSS7.2AI score0.00039EPSS

CVE•added 2022/08/25 8:15 p.m.•128 views

CVE-2022-2982

Use After Free in GitHub repository vim/vim prior to 9.0.0260.

7.8CVSS7.6AI score0.00046EPSS

CVE•added 2025/02/12 7:15 p.m.•128 views

CVE-2025-1215

A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able ...

7.8CVSS4AI score0.00112EPSS

CVE•added 2022/06/27 4:15 p.m.•126 views

CVE-2022-2210

Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.

7.8CVSS7.7AI score0.00114EPSS

CVE•added 2022/01/30 2:15 p.m.•125 views

CVE-2022-0407

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

7.8CVSS6.4AI score0.00074EPSS

CVE•added 2017/07/08 5:29 p.m.•124 views

CVE-2017-11109

Vim 8.0 allows attackers to cause a denial of service (invalid free) or possibly have unspecified other impact via a crafted source (aka -S) file. NOTE: there might be a limited number of scenarios in which this has security relevance.

7.8CVSS6.7AI score0.00281EPSS

CVE•added 2022/06/19 10:15 a.m.•122 views

CVE-2022-2124

Buffer Over-read in GitHub repository vim/vim prior to 8.2.

7.8CVSS7.8AI score0.00098EPSS

CVE•added 2023/03/03 11:15 p.m.•122 views

CVE-2023-1170

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376.

7.3CVSS7AI score0.00051EPSS

CVE•added 2022/05/17 5:15 p.m.•121 views

CVE-2022-1769

Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974.