CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2022-0261 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-0261
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Un Desbordamiento de Búfer en la región Heap de la memoria en el repositorio GitHub vim/vim versiones anteriores a 8.2 A heap based out-of-bounds write flaw was found in vim's ops.c. This flaw allows an attacker to trick a user to open a crafted file triggering an out-of-bounds write. This vulnerability is capable of crashing software, modify memory, and possible code execution. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 http://seclists.org/fulldisclosure/2022/Oct/43 https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc https://huntr.dev/bounties/fa795954-8775-4f23-98c6-d4d4d3fe8a82 https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://security.gentoo.org/glsa/202208-32 https://support.apple.com/kb/HT213444&# • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 1CVE-2022-0128 – Out-of-bounds Read in vim/vim
https://notcve.org/view.php?id=CVE-2022-0128
vim is vulnerable to Out-of-bounds Read vim es vulnerable a una Lectura Fuera de Límites. • http://seclists.org/fulldisclosure/2022/Jul/14 http://seclists.org/fulldisclosure/2022/Mar/29 http://seclists.org/fulldisclosure/2022/May/35 http://www.openwall.com/lists/oss-security/2022/01/15/1 https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba https://security.gentoo.org/glsa/202208-32 https://support.apple.com/kb/HT213183 https://support.apple.com/kb/HT213256 https://support.apple.com/kb&# • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 1CVE-2021-4193 – Out-of-bounds Read in vim/vim
https://notcve.org/view.php?id=CVE-2021-4193
vim is vulnerable to Out-of-bounds Read vim es vulnerable a una Lectura Fuera de Límites. It was found that vim was vulnerable to an out-of-bound read flaw in getvcol(). A specially crafted file could be used to, when opened in vim, disclose some of the process's internal memory. • http://seclists.org/fulldisclosure/2022/Jul/14 http://seclists.org/fulldisclosure/2022/Mar/29 http://seclists.org/fulldisclosure/2022/May/35 http://www.openwall.com/lists/oss-security/2022/01/15/1 https://github.com/vim/vim/commit/94f3192b03ed27474db80b4d3a409e107140738b https://huntr.dev/bounties/92c1940d-8154-473f-84ce-0de43b0c2eb0 https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedora • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 1CVE-2021-4192 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2021-4192
vim is vulnerable to Use After Free vim es vulnerable a un Uso de Memoria Previamente Liberada. It was found that vim was vulnerable to use-after-free flaw in win_linetabsize(). Sourcing a specially crafted file in vim could crash the vim process or possibly lead to other undefined behaviors. • http://seclists.org/fulldisclosure/2022/Jul/14 http://seclists.org/fulldisclosure/2022/Mar/29 http://seclists.org/fulldisclosure/2022/May/35 http://www.openwall.com/lists/oss-security/2022/01/15/1 https://github.com/vim/vim/commit/4c13e5e6763c6eb36a343a2b8235ea227202e952 https://huntr.dev/bounties/6dd9cb2e-a940-4093-856e-59b502429f22 https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedora • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 1CVE-2021-4187 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2021-4187
vim is vulnerable to Use After Free vim es vulnerable a un Uso de Memoria Previamente Liberada • http://seclists.org/fulldisclosure/2022/Jul/14 http://seclists.org/fulldisclosure/2022/Mar/29 http://seclists.org/fulldisclosure/2022/May/35 http://www.openwall.com/lists/oss-security/2022/01/15/1 https://github.com/vim/vim/commit/4bf1006cae7e87259ccd5219128c3dba75774441 https://huntr.dev/bounties/a8bee03a-6e2e-43bf-bee3-4968c5386a2e https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD https://lists.fedoraproject.org/archives/list/package& • CWE-416: Use After Free •