CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2022-1927 – Buffer Over-read in vim/vim
https://notcve.org/view.php?id=CVE-2022-1927
29 May 2022 — Buffer Over-read in GitHub repository vim/vim prior to 8.2. Una lectura excesiva del Búfer en el repositorio de GitHub vim/vim versiones anteriores a 8.2 A flaw was found in vim. The vulnerability occurs due to Illegal memory access and leads to a buffer over-read vulnerability in the utf_ptr2char function. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. Red Hat Advanced Cluster Management for Kubernetes 2.6.0 images Red Hat Advanced Cluster Management f... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2022-1897 – Out-of-bounds Write in vim/vim
https://notcve.org/view.php?id=CVE-2022-1897
27 May 2022 — Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. Una Escritura Fuera de Límites en el repositorio de GitHub vim/vim versiones anteriores a 8.2 A flaw was found in vim. The vulnerability occurs due to Illegal memory access and leads to an out-of-bounds write vulnerability in the vim_regsub_both function. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. Red Hat Advanced Cluster Management for Kubernetes 2.6.0 images Red Hat Advanced Cluster Ma... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2022-1898 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2022-1898
27 May 2022 — Use After Free in GitHub repository vim/vim prior to 8.2. Un Uso de Memoria Previamente Liberada en el repositorio de GitHub vim/vim versiones anteriores a 8.2 It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2022-1851 – Out-of-bounds Read in vim/vim
https://notcve.org/view.php?id=CVE-2022-1851
25 May 2022 — Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. Una Lectura Fuera de Límites en el repositorio GitHub vim/vim versiones anteriores a 8.2 It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 1CVE-2022-29181 – Improper Handling of Unexpected Data Type in Nokogiri
https://notcve.org/view.php?id=CVE-2022-29181
20 May 2022 — Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a `String` by calling `#to_s` or equivalent. Nokogiri es una biblioteca XML y HTML de código abierto para Ruby. • http://seclists.org/fulldisclosure/2022/Dec/23 • CWE-241: Improper Handling of Unexpected Data Type CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1735 – Classic Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-1735
17 May 2022 — Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. Un Desbordamiento de Búfer Clásico en el repositorio GitHub vim/vim versiones anteriores a 8.2.4969 It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2022-1733 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-1733
17 May 2022 — Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. Un desbordamiento de búfer en la región Heap de la memoria en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4968 It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu ... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-1769 – Buffer Over-read in vim/vim
https://notcve.org/view.php?id=CVE-2022-1769
17 May 2022 — Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. Un desbordamiento de búfer en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4974 macOS Ventura 13 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 6.6EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1725 – NULL Pointer Dereference in vim/vim
https://notcve.org/view.php?id=CVE-2022-1725
16 May 2022 — NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. Un Desreferencia de Puntero NULL en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4959 It was discovered that Vim could be made to crash when searching specially crafted patterns. An attacker could possibly use this to crash Vim and cause denial of service. It was discovered that there existed a NULL pointer dereference in Vim. An attacker could possibly use this to crash Vim and cause denial of service. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-476: NULL Pointer Dereference •
CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 1CVE-2022-1674 – NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in vim/vim
https://notcve.org/view.php?id=CVE-2022-1674
12 May 2022 — NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input. Una Desreferencia de Puntero NULL en la función vim_regexec_string en el archivo regexp.c:2733 en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4938. Una Desreferencia de Puntero NULL en la función vim_regexec_string ... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-476: NULL Pointer Dereference •