Product:

Vim

(Vim)
Repositories https://github.com/vim/vim
https://github.com/neovim/neovim
#Vulnerabilities 196
Date Id Summary Products Score Patch Annotated
2024-02-05 CVE-2024-22667 Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions. Fedora, Vim 7.8
2023-08-07 CVE-2023-3896 Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3 Vim 7.8
2023-10-27 CVE-2023-46246 Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This... Vim 5.5
2023-01-04 CVE-2023-0049 Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. Fedora, Vim 7.8
2023-06-20 CVE-2020-20703 Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter. Vim 9.8
2023-05-09 CVE-2023-2610 Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532. Vim 7.8
2024-08-01 CVE-2024-41957 Vim is an open source command line text editor. Vim < v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will also be cleared and if that quickfix list points to the same tagstack data, Vim will try to free it again, resulting in a double-free/use-after-free access exception. Impact is low since the user must intentionally execute vim with several... Vim 5.3
2021-09-06 CVE-2021-3770 vim is vulnerable to Heap-based Buffer Overflow Fedora, Ontap_select_deploy_administration_utility, Vim 7.8
2021-09-15 CVE-2021-3778 vim is vulnerable to Heap-based Buffer Overflow Debian_linux, Fedora, Ontap_select_deploy_administration_utility, Vim 7.8
2021-09-15 CVE-2021-3796 vim is vulnerable to Use After Free Debian_linux, Fedora, Ontap_select_deploy_administration_utility, Vim 7.3