Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vim vim vulnerabilities and exploits
(subscribe to this query)
614
VMScore
CVE-2009-0316
Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim prior to 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-...
Vim Vim 6.1
Vim Vim 6.0
Vim Vim 5.2
Vim Vim 5.1
Vim Vim 7.0
Vim Vim 6.4
Vim Vim 5.6
Vim Vim 5.5
Vim Vim 3.0
Vim Vim 1.22
Vim Vim 1.0
Vim Vim 6.3
Vim Vim 6.2
Vim Vim 5.4
Vim Vim 5.3
Vim Vim
Vim Vim 7.1
Vim Vim 5.8
Vim Vim 5.7
Vim Vim 5.0
Vim Vim 4.0
935
VMScore
CVE-2008-4101
Vim 3.0 up to and including 7.x prior to 7.2.010 does not properly escape characters, which allows user-assisted malicious users to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute...
Vim Vim 5.2
Vim Vim 5.3
Vim Vim 6.1
Vim Vim 6.2
Vim Vim 5.4
Vim Vim 5.5
Vim Vim 6.3
Vim Vim 6.4
Vim Vim 5.0
Vim Vim 5.1
Vim Vim 5.8
Vim Vim 6.0
Vim Vim
Vim Vim 3.0
Vim Vim 4.0
Vim Vim 5.6
Vim Vim 5.7
Vim Vim 7.0
Vim Vim 7.1
1 EDB exploit
329
VMScore
CVE-2008-3294
src/configure.in in Vim 5.0 up to and including 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a tim...
Vim Vim 6.3
Vim Vim 6.2
Vim Vim 5.4
Vim Vim 5.3
Vim Vim 5.8
Vim Vim 5.7
Vim Vim 5.0
Vim Vim 7.1
Vim Vim 7.0
Vim Vim 6.4
Vim Vim 5.6
Vim Vim 5.5
Vim Vim 6.1
Vim Vim 6.0
Vim Vim 5.2
Vim Vim 5.1
641
VMScore
CVE-2004-1138
VIM prior to 6.3 and gVim prior to 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6) backupext, (7) ...
Vim Development Group Vim 5.6
Vim Development Group Vim 5.7
Vim Development Group Vim 5.8
Vim Development Group Vim 6.3.044
Vim Development Group Vim 5.2
Vim Development Group Vim 5.3
Vim Development Group Vim 6.2
Vim Development Group Vim 6.3.011
Vim Development Group Vim 5.4
Vim Development Group Vim 5.5
Vim Development Group Vim 6.3.025
Vim Development Group Vim 6.3.030
Vim Development Group Vim 5.0
Vim Development Group Vim 5.1
Vim Development Group Vim 6.0
Vim Development Group Vim 6.1
409
VMScore
CVE-2002-1377
vim 6.0 and 6.1, and possibly other versions, allows malicious users to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt.
Vim Development Group Vim 5.0
Vim Development Group Vim 5.1
Vim Development Group Vim 5.8
Vim Development Group Vim 6.0
Vim Development Group Vim 6.1
Vim Development Group Vim 5.2
Vim Development Group Vim 5.3
Vim Development Group Vim 5.4
Vim Development Group Vim 5.5
Vim Development Group Vim 5.6
Vim Development Group Vim 5.7
828
VMScore
CVE-2008-3075
The shellescape function in Vim 7.0 up to and including 7.2, including 7.2a.10, allows user-assisted malicious users to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a ZIP archive and possibly (2) the filename of the f...
Vim Vim 7.1.266
Vim Vim 7.1
Vim Vim 7.2
Vim Vim 7.1.314
Vim Zipplugin.vim V.19
Vim Zipplugin.vim V.18
Vim Vim 7.0
Vim Vim 7.2a.10
Vim Zipplugin.vim V.15
Vim Zipplugin.vim V.14
Vim Zipplugin.vim V.13
Vim Zipplugin.vim V.17
Vim Zipplugin.vim V.16
Vim Zipplugin.vim V.21
Vim Zipplugin.vim V.20
Vim Zipplugin.vim V.12
Vim Zipplugin.vim V.11
828
VMScore
CVE-2010-3914
Untrusted search path vulnerability in VIM Development Group GVim prior to 7.3.034, and possibly other versions prior to 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other D...
Vim Gvim 7.3.025
Vim Gvim 7.3.024
Vim Gvim 7.3.023
Vim Gvim 7.3.022
Vim Gvim 7.3.08
Vim Gvim 7.3.07
Vim Gvim 7.3.06
Vim Gvim 7.3.05
Vim Gvim
Vim Gvim 7.3.032
Vim Gvim 7.3.031
Vim Gvim 7.3.030
Vim Gvim 7.3.017
Vim Gvim 7.3.016
Vim Gvim 7.3.015
Vim Gvim 7.3.014
Vim Gvim 7.3.029
Vim Gvim 7.3.028
Vim Gvim 7.3.020
Vim Gvim 7.3.018
Vim Gvim 7.3.013
Vim Gvim 7.3.011
828
VMScore
CVE-2008-3074
The shellescape function in Vim 7.0 up to and including 7.2, including 7.2a.10, allows user-assisted malicious users to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the f...
Vim Vim 7.2
Vim Tar.vim V.12
Vim Tar.vim V.13
Vim Tar.vim V.20
Vim Tar.vim V.21
Vim Vim 7.1
Vim Vim 7.0
Vim Tar.vim V.16
Vim Tar.vim V.17
Vim Vim 7.1.314
Vim Vim 7.1.266
Vim Tar.vim V.14
Vim Tar.vim V.15
Vim Tar.vim V.22
Vim Tar.vim V.10
Vim Tar.vim V.11
Vim Tar.vim V.18
Vim Tar.vim V.19
828
VMScore
CVE-2005-2368
vim 6.3 prior to 6.3.082, with modelines enabled, allows external user-assisted malicious users to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels.
Vim Development Group Vim 6.3.081
Vim Development Group Vim 6.3
Vim Development Group Vim 6.3.011
Vim Development Group Vim 6.3.025
Vim Development Group Vim 6.3.030
Vim Development Group Vim 6.3.044
383
VMScore
CVE-2008-4677
autoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions prior to 133k for Vim 7.1.266, other 7.1 versions, and 7.2 stores credentials for an FTP session, and sends those credentials when attempting to establish subsequent FTP sessions to servers on different hosts,...
Vim Netrw 109
Vim Netrw 131
Vim Netrw 116
Vim Netrw 118
Vim Netrw 112
Vim Netrw 113
Vim Netrw 122
Vim Netrw 123
Vim Netrw 114
Vim Netrw 115
Vim Netrw 128
Vim Netrw 110
Vim Netrw 111
Vim Netrw 120
Vim Netrw 121
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »