CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1796 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2022-1796
19 May 2022 — Use After Free in GitHub repository vim/vim prior to 8.2.4979. Un Uso de Memoria Previamente Liberada en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4979 Multiple vulnerabilities have been discovered in Vim, the worst of which could result in denial of service. Versions less than 9.0.0060 are affected. • https://github.com/vim/vim/commit/28d032cc688ccfda18c5bbcab8b50aba6e18cde5 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1771 – Uncontrolled Recursion in vim/vim
https://notcve.org/view.php?id=CVE-2022-1771
18 May 2022 — Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. Recursión incontrolada en el repositorio de GitHub vim/vim anterior a 8.2.4975 It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. It was discovered that Vim could be made to recurse infinitely. • https://github.com/vim/vim/commit/51f0bfb88a3554ca2dde777d78a59880d1ee37a8 • CWE-674: Uncontrolled Recursion •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2022-1733 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-1733
17 May 2022 — Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. Un desbordamiento de búfer en la región Heap de la memoria en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4968 It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu ... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1735 – Classic Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-1735
17 May 2022 — Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. Un Desbordamiento de Búfer Clásico en el repositorio GitHub vim/vim versiones anteriores a 8.2.4969 It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-1769 – Buffer Over-read in vim/vim
https://notcve.org/view.php?id=CVE-2022-1769
17 May 2022 — Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. Un desbordamiento de búfer en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4974 macOS Ventura 13 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2022-1720 – Buffer Over-read in function grab_file_name in vim/vim
https://notcve.org/view.php?id=CVE-2022-1720
16 May 2022 — Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution. Una Lectura Excesiva del Búfer en la función grab_file_name en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4956. Esta vulnerabilidad es capaz de bloquear el software, modificación de la memoria y una posible ejecución remota macOS Ventura 13 addresses buffer overflow, bypass, code execution, out... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 6.6EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1725 – NULL Pointer Dereference in vim/vim
https://notcve.org/view.php?id=CVE-2022-1725
16 May 2022 — NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. Un Desreferencia de Puntero NULL en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4959 It was discovered that Vim could be made to crash when searching specially crafted patterns. An attacker could possibly use this to crash Vim and cause denial of service. It was discovered that there existed a NULL pointer dereference in Vim. An attacker could possibly use this to crash Vim and cause denial of service. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-476: NULL Pointer Dereference •
CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 1CVE-2022-1674 – NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in vim/vim
https://notcve.org/view.php?id=CVE-2022-1674
12 May 2022 — NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input. Una Desreferencia de Puntero NULL en la función vim_regexec_string en el archivo regexp.c:2733 en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4938. Una Desreferencia de Puntero NULL en la función vim_regexec_string ... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-1629 – Buffer Over-read in function find_next_quote in vim/vim
https://notcve.org/view.php?id=CVE-2022-1629
10 May 2022 — Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution Una lectura Excesiva del Búfer en la función find_next_quote en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4925. Esta vulnerabilidad es capaz de bloquear el software, Modificar la Memoria y una posible ejecución remota A flaw was found in vim, where it is vulnerable to a buffer over-read in the find_n... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2022-1621 – Heap buffer overflow in vim_strncpy find_word in vim/vim
https://notcve.org/view.php?id=CVE-2022-1621
09 May 2022 — Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution Un Desbordamiento del búfer de pila en vim_strncpy find_word en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4919. Esta vulnerabilidad es capaz de bloquear el software, Omitir el Mecanismo de Protección, Modificar la Memoria y una posible ejecución remota A flaw was found in v... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •