Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vim vim vulnerabilities and exploits
(subscribe to this query)
756
VMScore
CVE-2021-3968
vim is vulnerable to Heap-based Buffer Overflow
Vim Vim
Fedoraproject Fedora 34
Fedoraproject Fedora 35
756
VMScore
CVE-2018-11319
Syntastic (aka vim-syntastic) up to and including 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if ...
Syntastic Project Syntastic
Debian Debian Linux 8.0
Debian Debian Linux 9.0
685
VMScore
CVE-2008-3432
Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted malicious users to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case.
Vim Vim 6.3
Vim Vim 6.2
1 EDB exploit
677
VMScore
CVE-2007-2438
The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted malicious users to execute shell commands and write files via modelines.
Vim Development Group Vim 7.0
3 Github repositories
668
VMScore
CVE-2022-0318
Heap-based Buffer Overflow in vim/vim before 8.2.
Vim Vim
Apple Macos
Debian Debian Linux 10.0
668
VMScore
CVE-2020-9769
Multiple issues were addressed by updating to version 8.1.1850. This issue is fixed in macOS Catalina 10.15.4. Multiple issues in Vim.
Apple Mac Os X
1 Article
668
VMScore
CVE-2017-1000212
Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are then evaluated as elixir code.
Alchemist-elixir Alchemist-server -
668
VMScore
CVE-2017-6349
An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
Vim Vim
668
VMScore
CVE-2017-6350
An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
Vim Vim
668
VMScore
CVE-2017-5953
vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.
Vim Vim
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »