Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Vim
(Vim)Repositories |
• https://github.com/vim/vim
• https://github.com/neovim/neovim |
#Vulnerabilities | 196 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2024-02-05 | CVE-2024-22667 | Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions. | Fedora, Vim | 7.8 | ||
2023-08-07 | CVE-2023-3896 | Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3 | Vim | 7.8 | ||
2023-10-27 | CVE-2023-46246 | Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This... | Vim | 5.5 | ||
2023-01-04 | CVE-2023-0049 | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. | Fedora, Vim | 7.8 | ||
2023-06-20 | CVE-2020-20703 | Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter. | Vim | 9.8 | ||
2023-05-09 | CVE-2023-2610 | Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532. | Vim | 7.8 | ||
2024-08-01 | CVE-2024-41957 | Vim is an open source command line text editor. Vim < v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will also be cleared and if that quickfix list points to the same tagstack data, Vim will try to free it again, resulting in a double-free/use-after-free access exception. Impact is low since the user must intentionally execute vim with several... | Vim | 5.3 | ||
2021-09-06 | CVE-2021-3770 | vim is vulnerable to Heap-based Buffer Overflow | Fedora, Ontap_select_deploy_administration_utility, Vim | 7.8 | ||
2021-09-15 | CVE-2021-3778 | vim is vulnerable to Heap-based Buffer Overflow | Debian_linux, Fedora, Ontap_select_deploy_administration_utility, Vim | 7.8 | ||
2021-09-15 | CVE-2021-3796 | vim is vulnerable to Use After Free | Debian_linux, Fedora, Ontap_select_deploy_administration_utility, Vim | 7.3 |