Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vim vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-20703
Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote malicious user to execute arbitrary code via the operand parameter.
Vim Vim 8.1.2135
9.8
CVSSv3
CVE-2022-3520
Heap-based Buffer Overflow in GitHub repository vim/vim before 9.0.0765.
Vim Vim
9.8
CVSSv3
CVE-2022-0318
Heap-based Buffer Overflow in vim/vim before 8.2.
Vim Vim
Apple Macos
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2020-9769
Multiple issues were addressed by updating to version 8.1.1850. This issue is fixed in macOS Catalina 10.15.4. Multiple issues in Vim.
Apple Mac Os X
1 Article
9.8
CVSSv3
CVE-2017-1000212
Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are then evaluated as elixir code.
Alchemist-elixir Alchemist-server -
9.8
CVSSv3
CVE-2017-6350
An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
Vim Vim
9.8
CVSSv3
CVE-2017-6349
An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
Vim Vim
9.8
CVSSv3
CVE-2017-5953
vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.
Vim Vim
8.8
CVSSv3
CVE-2022-0729
Use of Out-of-range Pointer Offset in GitHub repository vim/vim before 8.2.4440.
Vim Vim
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Macos
8.6
CVSSv3
CVE-2019-12735
getchar.c in Vim prior to 8.1.1365 and Neovim prior to 0.3.6 allows remote malicious users to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
Vim Vim
Neovim Neovim
1 EDB exploit
6 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »