Vulnerabilities (CVE)

Filtered by vendor Vim Subscribe
Filtered by product Vim
Total 194 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-4736 2 Apple, Vim 2 Macos, Vim 2023-12-22 N/A 7.8 HIGH
Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833.
CVE-2023-4751 2 Apple, Vim 2 Macos, Vim 2023-12-22 N/A 7.8 HIGH
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331.
CVE-2023-4735 2 Apple, Vim 2 Macos, Vim 2023-12-22 N/A 7.8 HIGH
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847.
CVE-2023-4734 2 Apple, Vim 2 Macos, Vim 2023-12-21 N/A 7.8 HIGH
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846.
CVE-2023-46246 1 Vim 1 Vim 2023-12-17 N/A 5.5 MEDIUM
Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This vulnerability has been patched in version 9.0.2068.
CVE-2023-5344 2 Fedoraproject, Vim 2 Fedora, Vim 2023-12-13 N/A 7.5 HIGH
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969.
CVE-2023-5441 2 Fedoraproject, Vim 2 Fedora, Vim 2023-12-10 N/A 5.5 MEDIUM
NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960.
CVE-2021-3236 1 Vim 1 Vim 2023-12-10 N/A 5.5 MEDIUM
vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method.
CVE-2023-5535 2 Fedoraproject, Vim 2 Fedora, Vim 2023-12-10 N/A 7.8 HIGH
Use After Free in GitHub repository vim/vim prior to v9.0.2010.
CVE-2023-3896 1 Vim 1 Vim 2023-12-10 N/A 7.8 HIGH
Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3
CVE-2020-20703 1 Vim 1 Vim 2023-12-10 N/A 9.8 CRITICAL
Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter.
CVE-2022-3591 1 Vim 1 Vim 2023-12-10 N/A 7.8 HIGH
Use After Free in GitHub repository vim/vim prior to 9.0.0789.
CVE-2023-0049 2 Fedoraproject, Vim 2 Fedora, Vim 2023-12-10 N/A 7.8 HIGH
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.
CVE-2022-3520 1 Vim 1 Vim 2023-12-10 N/A 9.8 CRITICAL
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.
CVE-2022-4293 1 Vim 1 Vim 2023-12-10 N/A 5.5 MEDIUM
Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.
CVE-2023-0512 1 Vim 1 Vim 2023-12-10 N/A 7.8 HIGH
Divide By Zero in GitHub repository vim/vim prior to 9.0.1247.
CVE-2022-3491 1 Vim 1 Vim 2023-12-10 N/A 7.8 HIGH
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742.
CVE-2023-0054 1 Vim 1 Vim 2023-12-10 N/A 7.8 HIGH
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145.
CVE-2023-1264 2 Fedoraproject, Vim 2 Fedora, Vim 2023-12-10 N/A 5.5 MEDIUM
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392.
CVE-2022-47024 1 Vim 1 Vim 2023-12-10 N/A 7.8 HIGH
A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts.