Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vim vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2008-3076
The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted malicious users to execute arbitrary code via shell metacharacters in filenames used by the execute and system functions within the (1) mz and (2) mc commands, as demonstrated by the netrw.v2 and netrw.v3 test ...
Vim Vim 7.2a.10
1 EDB exploit
9.3
CVSSv2
CVE-2019-12735
getchar.c in Vim prior to 8.1.1365 and Neovim prior to 0.3.6 allows remote malicious users to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
Vim Vim
Neovim Neovim
1 EDB exploit
6 Github repositories
1 Article
NA
CVE-2022-1725
NULL Pointer Dereference in GitHub repository vim/vim before 8.2.4959.
Vim Vim
Apple Macos
6.8
CVSSv2
CVE-2022-1735
Classic Buffer Overflow in GitHub repository vim/vim before 8.2.4969.
Vim Vim
Apple Macos
6.8
CVSSv2
CVE-2022-2042
Use After Free in GitHub repository vim/vim before 8.2.
Vim Vim
Apple Macos
NA
CVE-2023-4734
Integer Overflow or Wraparound in GitHub repository vim/vim before 9.0.1846.
Vim Vim
Apple Macos
NA
CVE-2023-2609
NULL Pointer Dereference in GitHub repository vim/vim before 9.0.1531.
Vim Vim
Fedoraproject Fedora 37
6.8
CVSSv2
CVE-2022-1886
Heap-based Buffer Overflow in GitHub repository vim/vim before 8.2.
Vim Vim
Fedoraproject Fedora 35
5.1
CVSSv2
CVE-2001-0408
vim (aka gvim) processes VIM control codes that are embedded in a file, which could allow malicious users to execute arbitrary commands when another user opens a file containing malicious VIM control codes.
Vim Development Group Vim 5.7
2.1
CVSSv2
CVE-2001-0409
vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory.
Vim Development Group Vim 5.7
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »