Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vim vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-4677
autoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions prior to 133k for Vim 7.1.266, other 7.1 versions, and 7.2 stores credentials for an FTP session, and sends those credentials when attempting to establish subsequent FTP sessions to servers on different hosts,...
Vim Netrw 109
Vim Netrw 131
Vim Netrw 116
Vim Netrw 118
Vim Netrw 112
Vim Netrw 113
Vim Netrw 122
Vim Netrw 123
Vim Netrw 114
Vim Netrw 115
Vim Netrw 128
Vim Netrw 110
Vim Netrw 111
Vim Netrw 120
Vim Netrw 121
4.6
CVSSv2
CVE-2005-0069
The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local users to overwrite or create arbitrary files via a symlink attack on temporary files.
Vim Development Group Vim 6.3.011
Vim Development Group Vim 6.3.025
Vim Development Group Vim 6.3.030
Vim Development Group Vim 6.3.044
9.3
CVSSv2
CVE-2008-6235
The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted malicious users to execute arbitrary commands via shell metacharacters in a filename used by the (1) "D" (delete) command or (2) b:netrw_curdir variable, as demonstrated using the netrw.v4 and netrw.v5...
Vim Vim 7.1
Vim Vim 7.0
6.8
CVSSv2
CVE-2008-3432
Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted malicious users to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case.
Vim Vim 6.3
Vim Vim 6.2
1 EDB exploit
NA
CVE-2022-2522
Heap-based Buffer Overflow in GitHub repository vim/vim before 9.0.0061.
Vim Vim
NA
CVE-2023-46246
Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again i...
Vim Vim
7.5
CVSSv2
CVE-2017-6349
An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
Vim Vim
7.5
CVSSv2
CVE-2017-5953
vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.
Vim Vim
7.5
CVSSv2
CVE-2017-6350
An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
Vim Vim
NA
CVE-2022-3153
NULL Pointer Dereference in GitHub repository vim/vim before 9.0.0404.
Vim Vim
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »