Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vim vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-2580
Heap-based Buffer Overflow in GitHub repository vim/vim before 9.0.0102.
Vim Vim
5.5
CVSSv3
CVE-2017-1000382
VIM version 8.0.1187 (and other versions most likely) ignores umask when creating a swap file ("[ORIGINAL_FILENAME].swp") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary.
Vim Vim
9.8
CVSSv3
CVE-2017-6349
An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
Vim Vim
9.8
CVSSv3
CVE-2017-6350
An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
Vim Vim
9.8
CVSSv3
CVE-2017-5953
vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.
Vim Vim
7.8
CVSSv3
CVE-2023-3896
Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3
Vim Vim 9.0.1367
9.8
CVSSv3
CVE-2020-20703
Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote malicious user to execute arbitrary code via the operand parameter.
Vim Vim 8.1.2135
7.8
CVSSv3
CVE-2017-11109
Vim 8.0 allows malicious users to cause a denial of service (invalid free) or possibly have unspecified other impact via a crafted source (aka -S) file. NOTE: there might be a limited number of scenarios in which this has security relevance.
Vim Vim 8.0
5.5
CVSSv3
CVE-2021-3236
vim 8.2.2348 is affected by null pointer dereference, allows local malicious users to cause a denial of service (DoS) via the ex_buffer_all method.
Vim Vim 8.2.2348
7.8
CVSSv3
CVE-2021-28832
VSCodeVim prior to 1.19.0 allows malicious users to execute arbitrary code via a crafted workspace configuration.
Vim Project Vim
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »