CVE-2022-0554 – Use of Out-of-range Pointer Offset in vim/vim
https://notcve.org/view.php?id=CVE-2022-0554
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. Un uso del desplazamiento de Puntero Fuera de Rango en el repositorio de GitHub vim/vim anterior a 8.2 A flaw was found in vim that causes an out-of-range pointer offset vulnerability. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/e3537aec2f8d6470010547af28dcbd83d41461b8 https://huntr.dev/bounties/7e8f6cd0-b5ee-48a2-8255-6a86f4c46c71 https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF https://security.gentoo. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-823: Use of Out-of-range Pointer Offset •
CVE-2022-0443 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2022-0443
Use After Free in GitHub repository vim/vim prior to 8.2. Un Uso de Memoria Previamente Liberada en el repositorio de GitHub vim/vim de versiones anteriores a 8.2 • https://github.com/vim/vim/commit/9b4a80a66544f2782040b641498754bcb5b8d461 https://huntr.dev/bounties/b987c8cb-bbbe-4601-8a6c-54ff907c6b51 https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP https://secur • CWE-416: Use After Free •
CVE-2022-0417 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-0417
Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. Un desbordamiento de búfer basado en Heap Repositorio de GitHub vim/vim anterior a 8.2 • https://github.com/vim/vim/commit/652dee448618589de5528a9e9a36995803f5557a https://huntr.dev/bounties/fc86bc8d-c866-4ade-8b7f-e49cec306d1a https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP https://secur • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2022-0407 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-0407
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Un desbordamiento de búfer basado en Heap en el repositorio de GitHub vim/vim anterior a 8.2 • https://github.com/vim/vim/commit/44db8213d38c39877d2148eff6a72f4beccfb94e https://huntr.dev/bounties/81822bf7-aafe-4d37-b836-1255d46e572c https://security.gentoo.org/glsa/202208-32 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2022-0413 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2022-0413
Use After Free in GitHub repository vim/vim prior to 8.2. Un Uso de Memoria Previamente Liberada en el repositorio GitHub vim/vim anterior a la versión 8.2. A flaw was found in vim. The vulnerability occurs due to using freed memory when the substitute uses a recursive function call, resulting in a use-after-free vulnerability. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. • https://github.com/vim/vim/commit/37f47958b8a2a44abc60614271d9537e7f14e51a https://huntr.dev/bounties/563d1e8f-5c3d-4669-941c-3216f4a87c38 https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP https://secur • CWE-416: Use After Free •