CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11109 – Ubuntu Security Notice USN-4309-1
https://notcve.org/view.php?id=CVE-2017-11109
08 Jul 2017 — Vim 8.0 allows attackers to cause a denial of service (invalid free) or possibly have unspecified other impact via a crafted source (aka -S) file. NOTE: there might be a limited number of scenarios in which this has security relevance. Vim versión 8.0, permite a los atacantes causar una denegación de servicio (liberación no válida) o posiblemente tener otro impacto no especificado por medio de un archivo fuente creado (aka -S). NOTA: podría haber un número limitado de escenarios en que esto tenga relevancia... • https://bugzilla.redhat.com/show_bug.cgi?id=1468492 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6350 – Gentoo Linux Security Advisory 201706-26
https://notcve.org/view.php?id=CVE-2017-6350
27 Feb 2017 — An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows. Un desbordamiento de entero en un sitio de asignación de memoria unserialize_uep ocurriría para vim en versiones anteriores al parche 8.0.0378, si no valida correctamente los valores de longitud del arból de decisión, al leer un archivo desecho corrompido, lo que pu... • http://www.securityfocus.com/bid/96448 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6349 – Gentoo Linux Security Advisory 201706-26
https://notcve.org/view.php?id=CVE-2017-6349
27 Feb 2017 — An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows. Un desbordamiento de entero en un sitio de asignación de memoria u_read_undo ocurriría para vim en versiones anteriores al parche 8.0.0377, si no valida correctamente los valores de longitud del árbol de decisión, al leer un archivo desecho corrompido, lo que puede resul... • http://www.securityfocus.com/bid/96451 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2017-5953 – Ubuntu Security Notice USN-4016-1
https://notcve.org/view.php?id=CVE-2017-5953
10 Feb 2017 — vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow. vim en versiones anteriores a patch 8.0.0322 no valida adecuadamente los valores para la longitud del árbol cuando maneja un archivo spell, lo que puede resultar en un desbordamiento de entero en un sitio de asignación de memoria y un desbordamiento de búfer resultante. It was discovered that Vim incorrect... • http://www.debian.org/security/2017/dsa-3786 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 76%CPEs: 2EXPL: 0CVE-2016-1248 – vim: Lack of validation of values for few options results in code exection
https://notcve.org/view.php?id=CVE-2016-1248
23 Nov 2016 — vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened. vim en versiones anteriores a patch 8.0.0056 no valida correctamente los valores para las opciones 'filetype', 'syntax' y 'keymap', lo que puede resulta en la ejecución de código arbitrario si se abre un archivo con una línea de modo especialmente manipulada. A vulnerability was found in vim i... • http://openwall.com/lists/oss-security/2016/11/22/20 • CWE-20: Improper Input Validation CWE-138: Improper Neutralization of Special Elements •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 3CVE-2008-6235 – plugin: lack of sanitization throughout netrw.vim can lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2008-6235
21 Feb 2009 — The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a filename used by the (1) "D" (delete) command or (2) b:netrw_curdir variable, as demonstrated using the netrw.v4 and netrw.v5 test cases. El plugin Netrw (netrw.vim) en Vim v7.0 y v7.1 permite a atacantes asistidos por el usuario ejecutar comandos de su elección a través de metacaracteres de línea de comandos en un fichero utilizado por (1) comando "D" (borrar) o (2) var... • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 7CVE-2008-3076 – Netrw 125 Vim Script - Multiple Command Execution Vulnerabilities
https://notcve.org/view.php?id=CVE-2008-3076
21 Feb 2009 — The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames used by the execute and system functions within the (1) mz and (2) mc commands, as demonstrated by the netrw.v2 and netrw.v3 test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712. El plugin Netrw 125 en netrw.vim en Vim 7.2a.10 permite a atacantes asistidos por el usuario ejecutar comandos de su elección a través de metacaract... • https://www.exploit-db.com/exploits/32012 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 17EXPL: 2CVE-2008-3075 – plugin: improper Implementation of shellescape() (arbitrary code execution)
https://notcve.org/view.php?id=CVE-2008-3075
21 Feb 2009 — The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a ZIP archive and possibly (2) the filename of the first file in a ZIP archive, which is not properly handled by zip.vim in the VIM ZIP plugin (zipPlugin.vim) v.11 through v.21, as demonstrated by the zipplugin and zipplugin.v2 test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506919 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 2CVE-2008-3074 – plugin: improper Implementation of shellescape() (arbitrary code execution)
https://notcve.org/view.php?id=CVE-2008-3074
21 Feb 2009 — The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the first file in a tar archive, which is not properly handled by the VIM TAR plugin (tar.vim) v.10 through v.22, as demonstrated by the shellescape, tarplugin.v2, tarplugin, and tarplugin.updated test cases. NOTE: this issue reportedly exists because of an incompl... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506919 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2009-0316
https://notcve.org/view.php?id=CVE-2009-0316
28 Jan 2009 — Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983), as demonstrated by an erroneous search path for plugin/bike.vim in bicyclerepair. Una vulnerabilidad de ruta de búsqueda no confiable en el archivo src/if_python.c en la interfaz de Python en Vim en versiones anteriores a 7.2.0... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484305 •