CVSS: 8.4EPSS: 0%CPEs: 6EXPL: 1CVE-2022-0572 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-0572
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Un Desbordamiento del Búfer en la región Heap de la Memoria en el repositorio de GitHub vim/vim versiones anteriores a 8.2 • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f https://huntr.dev/bounties/bf3e0643-03e9-4436-a1c8-74e7111c32bf https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4GOY5YWTP5QUY2EFLCL7AUWA2CV57C37 https://lists.fedoraproject& • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 5EXPL: 1CVE-2022-0554 – Use of Out-of-range Pointer Offset in vim/vim
https://notcve.org/view.php?id=CVE-2022-0554
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. Un uso del desplazamiento de Puntero Fuera de Rango en el repositorio de GitHub vim/vim anterior a 8.2 A flaw was found in vim that causes an out-of-range pointer offset vulnerability. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/e3537aec2f8d6470010547af28dcbd83d41461b8 https://huntr.dev/bounties/7e8f6cd0-b5ee-48a2-8255-6a86f4c46c71 https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF https://security.gentoo. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 1CVE-2022-0318 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-0318
Heap-based Buffer Overflow in vim/vim prior to 8.2. Un Desbordamiento de Búfer en la región Heap de la Memoria en vim/vim versiones anteriores a 8.2 A flaw was found in vim. The vulnerability occurs due to reading beyond the end of a line in the utf_head_off function, which can lead to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 http://seclists.org/fulldisclosure/2022/Oct/43 https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08 https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html https://security.gentoo.org/glsa/202208-32 https://support.apple.com/kb/HT213444 https://support.apple.com/kb/HT213488 https://access.redhat.com& • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2022-0319 – Out-of-bounds Read in vim/vim
https://notcve.org/view.php?id=CVE-2022-0319
Out-of-bounds Read in vim/vim prior to 8.2. Una Lectura Fuera de Límites en Conda vim versiones anteriores a 8.2 • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 http://seclists.org/fulldisclosure/2022/Oct/43 https://github.com/vim/vim/commit/05b27615481e72e3b338bb12990fb3e0c2ecc2a9 https://huntr.dev/bounties/ba622fd2-e6ef-4ad9-95b4-17f87b68755b https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://security.gentoo.org/glsa/202208-32 https://support.apple.com/kb/HT213444&# • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2022-0261 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-0261
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Un Desbordamiento de Búfer en la región Heap de la memoria en el repositorio GitHub vim/vim versiones anteriores a 8.2 A heap based out-of-bounds write flaw was found in vim's ops.c. This flaw allows an attacker to trick a user to open a crafted file triggering an out-of-bounds write. This vulnerability is capable of crashing software, modify memory, and possible code execution. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 http://seclists.org/fulldisclosure/2022/Oct/43 https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc https://huntr.dev/bounties/fa795954-8775-4f23-98c6-d4d4d3fe8a82 https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://security.gentoo.org/glsa/202208-32 https://support.apple.com/kb/HT213444&# • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •