CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-3705 – vim autocmd quickfix.c qf_update_buffer use after free
https://notcve.org/view.php?id=CVE-2022-3705
A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. • http://seclists.org/fulldisclosure/2023/Jan/19 https://github.com/vim/vim/commit/d0fab10ed2a86698937e3c3fed2f10bd9bb5e731 https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4JCW33NOLMELTTTDJH7WGDIFJZ5YEEMK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JYEK5RNMH7MVQH6 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2022-3352 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2022-3352
Use After Free in GitHub repository vim/vim prior to 9.0.0614. Un Uso de Memoria Previamente Liberada en el repositorio GitHub vim/vim versiones anteriores a 9.0.0614 • https://github.com/vim/vim/commit/ef976323e770315b5fca544efb6b2faa25674d15 https://huntr.dev/bounties/d058f182-a49b-40c7-9234-43d4c5a29f60 https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/messa • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2022-3324 – Stack-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-3324
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598. Un Desbordamiento del Búfer en la Región Stack de la Memoria en el repositorio de GitHub vim/vim versiones anteriores a 9.0.0598 • https://github.com/vim/vim/commit/8279af514ca7e5fd3c31cf13b0864163d1a0bfeb https://huntr.dev/bounties/e414e55b-f332-491f-863b-c18dca97403c https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/messa • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-3296 – Stack-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-3296
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577. Desbordamiento del búfer en la región Stack de la memoria en el repositorio de GitHub vim/vim versiones anteriores a 9.0.0577. • https://github.com/vim/vim/commit/96b9bf8f74af8abf1e30054f996708db7dc285be https://huntr.dev/bounties/958866b8-526a-4979-9471-39392e0c9077 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI https://security.gentoo.org/glsa/202305-16 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-3297 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2022-3297
Use After Free in GitHub repository vim/vim prior to 9.0.0579. Un Uso de Memoria Previamente liberada en el repositorio de GitHub vim/vim versiones anteriores a 9.0.0579. • https://github.com/vim/vim/commit/0ff01835a40f549c5c4a550502f62a2ac9ac447c https://huntr.dev/bounties/1aa9ec92-0355-4710-bf85-5bce9effa01c https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI https://security.gentoo.org/glsa/202305-16 • CWE-416: Use After Free •