Filtered by vendor Vim
Subscriptions
Filtered by product Vim
Subscriptions
Total
197 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-4733 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2025-02-13 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 9.0.1840. | ||||
| CVE-2023-3896 | 1 Vim | 1 Vim | 2025-02-13 | 7.8 High |
| Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3 | ||||
| CVE-2024-22667 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2025-02-05 | 7.8 High |
| Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions. | ||||
| CVE-2023-0049 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2025-01-17 | 7.8 High |
| Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. | ||||
| CVE-2020-20703 | 1 Vim | 1 Vim | 2024-12-10 | 9.8 Critical |
| Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter. | ||||
| CVE-2024-41957 | 1 Vim | 1 Vim | 2024-11-29 | 4.5 Medium |
| Vim is an open source command line text editor. Vim < v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will also be cleared and if that quickfix list points to the same tagstack data, Vim will try to free it again, resulting in a double-free/use-after-free access exception. Impact is low since the user must intentionally execute vim with several non-default flags, but it may cause a crash of Vim. The issue has been fixed as of Vim patch v9.1.0647 | ||||
| CVE-2023-2610 | 1 Vim | 1 Vim | 2024-11-29 | 7.8 High |
| Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532. | ||||
| CVE-2024-45306 | 1 Vim | 1 Vim | 2024-11-21 | 4.5 Medium |
| Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the end of a line. Back then we assumed this loop is unnecessary. However, this change made it possible that the cursor position stays invalid and points beyond the end of a line, which would eventually cause a heap-buffer-overflow when trying to access the line pointer at the specified cursor position. It's not quite clear yet, what can lead to this situation that the cursor points to an invalid position. That's why patch v9.1.0707 does not include a test case. The only observed impact has been a program crash. This issue has been addressed in with the patch v9.1.0707. All users are advised to upgrade. | ||||
| CVE-2024-41965 | 1 Vim | 1 Vim | 2024-11-21 | 4.2 Medium |
| Vim is an open source command line text editor. double-free in dialog_changed() in Vim < v9.1.0648. When abandoning a buffer, Vim may ask the user what to do with the modified buffer. If the user wants the changed buffer to be saved, Vim may create a new Untitled file, if the buffer did not have a name yet. However, when setting the buffer name to Unnamed, Vim will falsely free a pointer twice, leading to a double-free and possibly later to a heap-use-after-free, which can lead to a crash. The issue has been fixed as of Vim patch v9.1.0648. | ||||
| CVE-2023-2609 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. | ||||
| CVE-2023-2426 | 1 Vim | 1 Vim | 2024-11-21 | 5.5 Medium |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499. | ||||
| CVE-2023-1355 | 1 Vim | 1 Vim | 2024-11-21 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1402. | ||||
| CVE-2023-1264 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392. | ||||
| CVE-2023-1175 | 1 Vim | 1 Vim | 2024-11-21 | 6.6 Medium |
| Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. | ||||
| CVE-2023-1170 | 1 Vim | 1 Vim | 2024-11-21 | 6.6 Medium |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. | ||||
| CVE-2023-1127 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 7.8 High |
| Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. | ||||
| CVE-2023-0512 | 1 Vim | 1 Vim | 2024-11-21 | 7.8 High |
| Divide By Zero in GitHub repository vim/vim prior to 9.0.1247. | ||||
| CVE-2023-0433 | 1 Vim | 1 Vim | 2024-11-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. | ||||
| CVE-2023-0288 | 1 Vim | 1 Vim | 2024-11-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189. | ||||
| CVE-2023-0054 | 1 Vim | 1 Vim | 2024-11-21 | 7.8 High |
| Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145. | ||||