CVE-2022-0413 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2022-0413
Use After Free in GitHub repository vim/vim prior to 8.2. Un Uso de Memoria Previamente Liberada en el repositorio GitHub vim/vim anterior a la versión 8.2. A flaw was found in vim. The vulnerability occurs due to using freed memory when the substitute uses a recursive function call, resulting in a use-after-free vulnerability. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. • https://github.com/vim/vim/commit/37f47958b8a2a44abc60614271d9537e7f14e51a https://huntr.dev/bounties/563d1e8f-5c3d-4669-941c-3216f4a87c38 https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP https://secur • CWE-416: Use After Free •
CVE-2022-0408 – Stack-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-0408
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Desbordamiento de búfer basado en la pila en el repositorio de GitHub vim/vim anterior a la versión 8.2. • https://github.com/vim/vim/commit/06f15416bb8d5636200a10776f1752c4d6e49f31 https://huntr.dev/bounties/5e635bad-5cf6-46cd-aeac-34ef224e179d https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP https://secur • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2022-0393 – Out-of-bounds Read in vim/vim
https://notcve.org/view.php?id=CVE-2022-0393
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. Una Lectura Fuera de Límites en Conda vim versiones anteriores a 8.2 • https://github.com/vim/vim/commit/a4bc2dd7cccf5a4a9f78b58b6f35a45d17164323 https://huntr.dev/bounties/ecc8f488-01a0-477f-848f-e30b8e524bba https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP https://security.gentoo.org/glsa/202208-32 • CWE-125: Out-of-bounds Read •
CVE-2022-0392 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-0392
Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. Desbordamiento de búfer basado en Heap en el repositorio de GitHub vim anterior a 8.2 A flaw was found in vim. The vulnerability occurs due to illegal memory access with bracketed paste in Ex mode and leads to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 http://seclists.org/fulldisclosure/2022/Oct/43 https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a https://huntr.dev/bounties/d00a2acd-1935-4195-9d5b-4115ef6b3126 https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html https://security.gentoo.org/glsa/202208-32 https://support.apple.com/kb/HT213444 https://support.apple.com/kb/HT213488 https://access.redhat.com& • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2022-0361 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-0361
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Un desbordamiento de búfer basado en Heap en el repositorio de GitHub vim/vim anterior a 8.2 A flaw was found in vim. The vulnerability occurs due to illegal memory access when copying lines in visual mode and leads to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 http://seclists.org/fulldisclosure/2022/Oct/43 https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366 https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://security.gentoo.org/glsa/202208-32 https://support.apple.com/kb/HT213444 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •