Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vim vulnerabilities and exploits
(subscribe to this query)
8.5
CVSSv2
CVE-2021-3968
vim is vulnerable to Heap-based Buffer Overflow
Vim Vim
Fedoraproject Fedora 34
Fedoraproject Fedora 35
8.5
CVSSv2
CVE-2018-11319
Syntastic (aka vim-syntastic) up to and including 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if ...
Syntastic Project Syntastic
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.6
CVSSv2
CVE-2007-2438
The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted malicious users to execute shell commands and write files via modelines.
Vim Development Group Vim 7.0
3 Github repositories
7.5
CVSSv2
CVE-2022-0318
Heap-based Buffer Overflow in vim/vim before 8.2.
Vim Vim
Apple Macos
Debian Debian Linux 10.0
7.5
CVSSv2
CVE-2020-9769
Multiple issues were addressed by updating to version 8.1.1850. This issue is fixed in macOS Catalina 10.15.4. Multiple issues in Vim.
Apple Mac Os X
1 Article
7.5
CVSSv2
CVE-2017-1000212
Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are then evaluated as elixir code.
Alchemist-elixir Alchemist-server -
7.5
CVSSv2
CVE-2017-6350
An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
Vim Vim
7.5
CVSSv2
CVE-2017-6349
An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
Vim Vim
7.5
CVSSv2
CVE-2017-5953
vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.
Vim Vim
7.2
CVSSv2
CVE-2004-1138
VIM prior to 6.3 and gVim prior to 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6) backupext, (7) ...
Vim Development Group Vim 5.6
Vim Development Group Vim 5.7
Vim Development Group Vim 5.8
Vim Development Group Vim 6.3.044
Vim Development Group Vim 5.2
Vim Development Group Vim 5.3
Vim Development Group Vim 6.2
Vim Development Group Vim 6.3.011
Vim Development Group Vim 5.4
Vim Development Group Vim 5.5
Vim Development Group Vim 6.3.025
Vim Development Group Vim 6.3.030
Vim Development Group Vim 5.0
Vim Development Group Vim 5.1
Vim Development Group Vim 6.0
Vim Development Group Vim 6.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »