Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vim vim vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0316
Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim prior to 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-...
Vim Vim 5.7
Vim Vim 6.4
Vim Vim 3.0
Vim Vim 1.22
Vim Vim 6.3
Vim Vim 5.4
Vim Vim 7.1
Vim Vim 7.0
Vim Vim
Vim Vim 5.2
Vim Vim 5.3
Vim Vim 5.5
Vim Vim 6.2
Vim Vim 1.0
Vim Vim 5.8
Vim Vim 6.0
Vim Vim 5.6
Vim Vim 6.1
Vim Vim 5.1
Vim Vim 5.0
Vim Vim 4.0
NA
CVE-2008-4101
Vim 3.0 up to and including 7.x prior to 7.2.010 does not properly escape characters, which allows user-assisted malicious users to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute...
Vim Vim 5.7
Vim Vim 6.4
Vim Vim 3.0
Vim Vim 6.3
Vim Vim 5.4
Vim Vim 7.1
Vim Vim 7.0
Vim Vim
Vim Vim 5.2
Vim Vim 5.3
Vim Vim 5.5
Vim Vim 6.2
Vim Vim 5.8
Vim Vim 6.0
Vim Vim 5.6
Vim Vim 6.1
Vim Vim 5.1
Vim Vim 5.0
Vim Vim 4.0
1 EDB exploit
NA
CVE-2008-3294
src/configure.in in Vim 5.0 up to and including 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a tim...
Vim Vim 5.7
Vim Vim 6.4
Vim Vim 6.3
Vim Vim 5.4
Vim Vim 7.1
Vim Vim 7.0
Vim Vim 5.2
Vim Vim 5.3
Vim Vim 5.5
Vim Vim 6.2
Vim Vim 5.8
Vim Vim 6.0
Vim Vim 5.6
Vim Vim 6.1
Vim Vim 5.1
Vim Vim 5.0
NA
CVE-2004-1138
VIM prior to 6.3 and gVim prior to 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6) backupext, (7) ...
Vim Development Group Vim 6.0
Vim Development Group Vim 5.4
Vim Development Group Vim 5.6
Vim Development Group Vim 5.3
Vim Development Group Vim 5.8
Vim Development Group Vim 5.0
Vim Development Group Vim 6.3.011
Vim Development Group Vim 5.5
Vim Development Group Vim 6.3.025
Vim Development Group Vim 6.3.044
Vim Development Group Vim 5.1
Vim Development Group Vim 5.2
Vim Development Group Vim 6.2
Vim Development Group Vim 5.7
Vim Development Group Vim 6.1
Vim Development Group Vim 6.3.030
NA
CVE-2002-1377
vim 6.0 and 6.1, and possibly other versions, allows malicious users to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt.
Vim Development Group Vim 6.0
Vim Development Group Vim 5.4
Vim Development Group Vim 5.6
Vim Development Group Vim 5.3
Vim Development Group Vim 5.8
Vim Development Group Vim 5.0
Vim Development Group Vim 5.5
Vim Development Group Vim 5.1
Vim Development Group Vim 5.2
Vim Development Group Vim 5.7
Vim Development Group Vim 6.1
NA
CVE-2008-3075
The shellescape function in Vim 7.0 up to and including 7.2, including 7.2a.10, allows user-assisted malicious users to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a ZIP archive and possibly (2) the filename of the f...
Vim Vim 7.1.266
Vim Zipplugin.vim V.14
Vim Zipplugin.vim V.12
Vim Vim 7.1
Vim Zipplugin.vim V.18
Vim Zipplugin.vim V.15
Vim Vim 7.0
Vim Zipplugin.vim V.19
Vim Vim 7.2
Vim Vim 7.2a.10
Vim Zipplugin.vim V.11
Vim Zipplugin.vim V.13
Vim Zipplugin.vim V.20
Vim Vim 7.1.314
Vim Zipplugin.vim V.17
Vim Zipplugin.vim V.16
Vim Zipplugin.vim V.21
NA
CVE-2010-3914
Untrusted search path vulnerability in VIM Development Group GVim prior to 7.3.034, and possibly other versions prior to 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other D...
Vim Gvim 7.3.025
Vim Gvim 7.3.024
Vim Gvim 7.3.016
Vim Gvim 7.3.04
Vim Gvim 7.3.021
Vim Gvim 7.3.07
Vim Gvim 7.3.012
Vim Gvim 7.3.02
Vim Gvim 7.3.019
Vim Gvim 7.3.010
Vim Gvim 7.3.05
Vim Gvim 7.3.026
Vim Gvim 7.3.018
Vim Gvim 7.3.022
Vim Gvim 7.3.013
Vim Gvim 7.3.015
Vim Gvim 7.3.03
Vim Gvim 7.3.09
Vim Gvim 7.3.08
Vim Gvim 7.3.020
Vim Gvim 7.3.030
Vim Gvim 7.3.029
NA
CVE-2008-3074
The shellescape function in Vim 7.0 up to and including 7.2, including 7.2a.10, allows user-assisted malicious users to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the f...
Vim Vim 7.1.266
Vim Tar.vim V.12
Vim Vim 7.1
Vim Vim 7.0
Vim Tar.vim V.11
Vim Tar.vim V.17
Vim Vim 7.2
Vim Tar.vim V.21
Vim Tar.vim V.14
Vim Tar.vim V.13
Vim Tar.vim V.16
Vim Tar.vim V.18
Vim Tar.vim V.22
Vim Tar.vim V.15
Vim Vim 7.1.314
Vim Tar.vim V.10
Vim Tar.vim V.20
Vim Tar.vim V.19
NA
CVE-2005-2368
vim 6.3 prior to 6.3.082, with modelines enabled, allows external user-assisted malicious users to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels.
Vim Development Group Vim 6.3
Vim Development Group Vim 6.3.011
Vim Development Group Vim 6.3.081
Vim Development Group Vim 6.3.025
Vim Development Group Vim 6.3.044
Vim Development Group Vim 6.3.030
NA
CVE-2008-4677
autoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions prior to 133k for Vim 7.1.266, other 7.1 versions, and 7.2 stores credentials for an FTP session, and sends those credentials when attempting to establish subsequent FTP sessions to servers on different hosts,...
Vim Netrw 109
Vim Netrw 110
Vim Netrw 111
Vim Netrw 112
Vim Netrw 113
Vim Netrw 114
Vim Netrw 115
Vim Netrw 116
Vim Netrw 118
Vim Netrw 120
Vim Netrw 121
Vim Netrw 122
Vim Netrw 123
Vim Netrw 128
Vim Netrw 131
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »