Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vim vim vulnerabilities and exploits
(subscribe to this query)
937
VMScore
CVE-2019-12735
getchar.c in Vim prior to 8.1.1365 and Neovim prior to 0.3.6 allows remote malicious users to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
Vim Vim
Neovim Neovim
1 EDB exploit
6 Github repositories
1 Article
935
VMScore
CVE-2008-3076
The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted malicious users to execute arbitrary code via shell metacharacters in filenames used by the execute and system functions within the (1) mz and (2) mc commands, as demonstrated by the netrw.v2 and netrw.v3 test ...
Vim Vim 7.2a.10
1 EDB exploit
935
VMScore
CVE-2008-4101
Vim 3.0 up to and including 7.x prior to 7.2.010 does not properly escape characters, which allows user-assisted malicious users to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute...
Vim Vim 5.2
Vim Vim 5.3
Vim Vim 6.1
Vim Vim 6.2
Vim Vim 5.4
Vim Vim 5.5
Vim Vim 6.3
Vim Vim 6.4
Vim Vim 5.0
Vim Vim 5.1
Vim Vim 5.8
Vim Vim 6.0
Vim Vim
Vim Vim 3.0
Vim Vim 4.0
Vim Vim 5.6
Vim Vim 5.7
Vim Vim 7.0
Vim Vim 7.1
1 EDB exploit
935
VMScore
CVE-2008-2712
Vim 7.1.314, 6.4, and other versions allows user-assisted remote malicious users to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.vim, (4) gzip_vim, ...
Vim Vim
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.06
1 EDB exploit
829
VMScore
CVE-2021-3973
vim is vulnerable to Heap-based Buffer Overflow
Vim Vim
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
828
VMScore
CVE-2010-3914
Untrusted search path vulnerability in VIM Development Group GVim prior to 7.3.034, and possibly other versions prior to 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other D...
Vim Gvim 7.3.025
Vim Gvim 7.3.024
Vim Gvim 7.3.023
Vim Gvim 7.3.022
Vim Gvim 7.3.08
Vim Gvim 7.3.07
Vim Gvim 7.3.06
Vim Gvim 7.3.05
Vim Gvim
Vim Gvim 7.3.032
Vim Gvim 7.3.031
Vim Gvim 7.3.030
Vim Gvim 7.3.017
Vim Gvim 7.3.016
Vim Gvim 7.3.015
Vim Gvim 7.3.014
Vim Gvim 7.3.029
Vim Gvim 7.3.028
Vim Gvim 7.3.020
Vim Gvim 7.3.018
Vim Gvim 7.3.013
Vim Gvim 7.3.011
828
VMScore
CVE-2008-6235
The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted malicious users to execute arbitrary commands via shell metacharacters in a filename used by the (1) "D" (delete) command or (2) b:netrw_curdir variable, as demonstrated using the netrw.v4 and netrw.v5...
Vim Vim 7.1
Vim Vim 7.0
828
VMScore
CVE-2008-3074
The shellescape function in Vim 7.0 up to and including 7.2, including 7.2a.10, allows user-assisted malicious users to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the f...
Vim Vim 7.2
Vim Tar.vim V.12
Vim Tar.vim V.13
Vim Tar.vim V.20
Vim Tar.vim V.21
Vim Vim 7.1
Vim Vim 7.0
Vim Tar.vim V.16
Vim Tar.vim V.17
Vim Vim 7.1.314
Vim Vim 7.1.266
Vim Tar.vim V.14
Vim Tar.vim V.15
Vim Tar.vim V.22
Vim Tar.vim V.10
Vim Tar.vim V.11
Vim Tar.vim V.18
Vim Tar.vim V.19
828
VMScore
CVE-2008-3075
The shellescape function in Vim 7.0 up to and including 7.2, including 7.2a.10, allows user-assisted malicious users to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a ZIP archive and possibly (2) the filename of the f...
Vim Vim 7.1.266
Vim Vim 7.1
Vim Vim 7.2
Vim Vim 7.1.314
Vim Zipplugin.vim V.19
Vim Zipplugin.vim V.18
Vim Vim 7.0
Vim Vim 7.2a.10
Vim Zipplugin.vim V.15
Vim Zipplugin.vim V.14
Vim Zipplugin.vim V.13
Vim Zipplugin.vim V.17
Vim Zipplugin.vim V.16
Vim Zipplugin.vim V.21
Vim Zipplugin.vim V.20
Vim Zipplugin.vim V.12
Vim Zipplugin.vim V.11
828
VMScore
CVE-2005-2368
vim 6.3 prior to 6.3.082, with modelines enabled, allows external user-assisted malicious users to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels.
Vim Development Group Vim 6.3.081
Vim Development Group Vim 6.3
Vim Development Group Vim 6.3.011
Vim Development Group Vim 6.3.025
Vim Development Group Vim 6.3.030
Vim Development Group Vim 6.3.044
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »