CVE-2021-3928 – Use of Uninitialized Variable in vim/vim
https://notcve.org/view.php?id=CVE-2021-3928
vim is vulnerable to Use of Uninitialized Variable vim es vulnerable al uso de una variable no inicializada • http://www.openwall.com/lists/oss-security/2022/01/15/1 https://github.com/vim/vim/commit/15d9890eee53afc61eb0a03b878a19cb5672f732 https://huntr.dev/bounties/29c3ebd2-d601-481c-bf96-76975369d0cd https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BCQWPEY2AEYBELCMJYHYWYCD3PZVD2H7 https://lists.fedoraproject.org/archives/list/package-announce% • CWE-457: Use of Uninitialized Variable CWE-908: Use of Uninitialized Resource •
CVE-2021-3903 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2021-3903
vim is vulnerable to Heap-based Buffer Overflow vim es vulnerable al desbordamiento del búfer en la región Heap de la memoria • http://www.openwall.com/lists/oss-security/2022/01/15/1 https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43 https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8 https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5 https://lists.fedo • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVE-2021-3872 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2021-3872
vim is vulnerable to Heap-based Buffer Overflow vim es vulnerable a un Desbordamiento del Búfer en la región Heap de la Memoria An out-of-bounds write flaw was found in vim's drawscreen.c win_redr_status() function. This flaw allows an attacker to trick a user to open a crafted file with specific arguments in vim, triggering an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, and system availability. • https://github.com/vim/vim/commit/826bfe4bbd7594188e3d74d2539d9707b1c6a14b https://huntr.dev/bounties/c958013b-1c09-4939-92ca-92f50aa169e8 https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4 https://security.gentoo.org/glsa/202208-32 https://access.redhat.com/security/cv • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2021-3875 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2021-3875
vim is vulnerable to Heap-based Buffer Overflow vim es vulnerable a un desbordamiento del búfer en la región heap de la memoria • http://www.openwall.com/lists/oss-security/2022/01/15/1 https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f https://huntr.dev/bounties/5cdbc168-6ba1-4bc2-ba6c-28be12166a53 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4 https://security.gentoo.org/glsa/202208-32 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2021-3778 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2021-3778
vim is vulnerable to Heap-based Buffer Overflow vim es vulnerable a un desbordamiento del búfer en la región Heap de la memoria A flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • http://www.openwall.com/lists/oss-security/2021/10/01/1 https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f https://huntr.dev/bounties/d9c17308-2c99-4f9f-a706-f7f72c24c273 https://lists.debian.org/debian-lts-announce/2022/01/msg00003.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4 https://lists.fedo • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •