Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vim vim vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2007-2953
Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and previous versions, and 7.x up to 7.1, allows user-assisted remote malicious users to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the help...
Vim Development Group Vim 7.1
Vim Development Group Vim
Vim Development Group Vim 7.0
Vim Development Group Vim 7.1.38
409
VMScore
CVE-2005-0069
The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local users to overwrite or create arbitrary files via a symlink attack on temporary files.
Vim Development Group Vim 6.3.011
Vim Development Group Vim 6.3.025
Vim Development Group Vim 6.3.044
Vim Development Group Vim 6.3.030
685
VMScore
CVE-2008-3432
Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted malicious users to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case.
Vim Vim 6.3
Vim Vim 6.2
1 EDB exploit
828
VMScore
CVE-2008-6235
The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted malicious users to execute arbitrary commands via shell metacharacters in a filename used by the (1) "D" (delete) command or (2) b:netrw_curdir variable, as demonstrated using the netrw.v4 and netrw.v5...
Vim Vim 7.1
Vim Vim 7.0
NA
CVE-2023-48706
Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive `:s` call causes free-ing of m...
Vim Vim
605
VMScore
CVE-2022-0407
Heap-based Buffer Overflow in GitHub repository vim/vim before 8.2.
Vim Vim
NA
CVE-2022-2874
NULL Pointer Dereference in GitHub repository vim/vim before 9.0.0224.
Vim Vim
187
VMScore
CVE-2017-1000382
VIM version 8.0.1187 (and other versions most likely) ignores umask when creating a swap file ("[ORIGINAL_FILENAME].swp") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary.
Vim Vim
NA
CVE-2023-2426
Use of Out-of-range Pointer Offset in GitHub repository vim/vim before 9.0.1499.
Vim Vim
NA
CVE-2022-2522
Heap-based Buffer Overflow in GitHub repository vim/vim before 9.0.0061.
Vim Vim
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »