
CVE-2023-4738 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2023-4738
02 Sep 2023 — Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848. It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04. • http://seclists.org/fulldisclosure/2023/Oct/24 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVE-2023-4736 – Untrusted Search Path in vim/vim
https://notcve.org/view.php?id=CVE-2023-4736
02 Sep 2023 — Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833. macOS Sonoma 14.1 addresses bypass, code execution, spoofing, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2023/Oct/24 • CWE-426: Untrusted Search Path •

CVE-2023-4735 – Out-of-bounds Write in vim/vim
https://notcve.org/view.php?id=CVE-2023-4735
02 Sep 2023 — Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. macOS Sonoma 14.1 addresses bypass, code execution, spoofing, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2023/Oct/24 • CWE-787: Out-of-bounds Write •

CVE-2023-4734 – Integer Overflow or Wraparound in vim/vim
https://notcve.org/view.php?id=CVE-2023-4734
02 Sep 2023 — Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846. It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04. • http://seclists.org/fulldisclosure/2023/Oct/24 • CWE-190: Integer Overflow or Wraparound •

CVE-2021-3236
https://notcve.org/view.php?id=CVE-2021-3236
11 Aug 2023 — vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method. • https://github.com/vim/vim/issues/7674 • CWE-476: NULL Pointer Dereference •

CVE-2023-3896 – A divide by zero issue existed in vim of OpenCloudOS Stream
https://notcve.org/view.php?id=CVE-2023-3896
07 Aug 2023 — Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3. It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04. It was discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. • https://github.com/vim/vim/issues/12528 • CWE-369: Divide By Zero •

CVE-2020-20703
https://notcve.org/view.php?id=CVE-2020-20703
20 Jun 2023 — Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter. • https://github.com/vim/vim/issues/5041 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2023-2609 – NULL Pointer Dereference in vim/vim
https://notcve.org/view.php?id=CVE-2023-2609
09 May 2023 — NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. It was discovered that Vim was using uninitialized memory when fuzzy matching, which could lead to invalid memory access. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10 and Ubuntu 23.04. It was discovered that Vim was not properly performing bounds checks when processing register contents, which could lead to a NULL pointer derefe... • https://github.com/vim/vim/commit/d1ae8366aff286d41e7f5bc513cc0a1af5130aad • CWE-476: NULL Pointer Dereference •

CVE-2023-2610 – Integer Overflow or Wraparound in vim/vim
https://notcve.org/view.php?id=CVE-2023-2610
09 May 2023 — Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532. It was discovered that Vim was using uninitialized memory when fuzzy matching, which could lead to invalid memory access. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10 and Ubuntu 23.04. It was discovered that Vim was not properly performing bounds checks when processing register contents, which could lead to a NULL pointer ... • https://github.com/vim/vim/commit/ab9a2d884b3a4abe319606ea95a5a6d6b01cd73a • CWE-190: Integer Overflow or Wraparound •

CVE-2023-2426 – Use of Out-of-range Pointer Offset in vim/vim
https://notcve.org/view.php?id=CVE-2023-2426
29 Apr 2023 — Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499. It was discovered that Vim was using uninitialized memory when fuzzy matching, which could lead to invalid memory access. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10 and Ubuntu 23.04. It was discovered that Vim was not properly performing bounds checks when processing register contents, which could lead to a NULL poin... • https://github.com/vim/vim/commit/caf642c25de526229264cab9425e7c9979f3509b • CWE-823: Use of Out-of-range Pointer Offset •