CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-1629 – Buffer Over-read in function find_next_quote in vim/vim
https://notcve.org/view.php?id=CVE-2022-1629
10 May 2022 — Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution Una lectura Excesiva del Búfer en la función find_next_quote en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4925. Esta vulnerabilidad es capaz de bloquear el software, Modificar la Memoria y una posible ejecución remota A flaw was found in vim, where it is vulnerable to a buffer over-read in the find_n... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2022-1621 – Heap buffer overflow in vim_strncpy find_word in vim/vim
https://notcve.org/view.php?id=CVE-2022-1621
09 May 2022 — Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution Un Desbordamiento del búfer de pila en vim_strncpy find_word en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4919. Esta vulnerabilidad es capaz de bloquear el software, Omitir el Mecanismo de Protección, Modificar la Memoria y una posible ejecución remota A flaw was found in v... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2022-1619 – Heap-based Buffer Overflow in function cmdline_erase_chars in vim/vim
https://notcve.org/view.php?id=CVE-2022-1619
08 May 2022 — Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution Desbordamiento de búfer basado en Heap en la función cmdline_erase_chars en el repositorio de GitHub vim/vim anterior a 8.2.4899. Esta vulnerabilidad es capaz de colapsar el software, modificar la memoria, y la posible ejecución remota USN-5613-1 fixed vulnerabilities in Vim. Unfortunately that update fa... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2022-1620 – NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in vim/vim
https://notcve.org/view.php?id=CVE-2022-1620
08 May 2022 — NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input. NULL Pointer Dereference en la función vim_regexec_string en regexp.c:2729 en el repositorio de GitHub vim/vim antes de 8.2.4901. NULL Pointer Dereference en la función vim_regexec_string en regexp.c:2729 permite a los atacantes ca... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2022-1616 – Use after free in append_command in vim/vim
https://notcve.org/view.php?id=CVE-2022-1616
07 May 2022 — Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution Un uso de memoria previamente liberada en append_command en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4895. Esta vulnerabilidad es capaz de bloquear el software, omitir el mecanismo de protección, modificar la memoria y una posible ejecución remota USN-5613-1 fixed vulnerabilities in Vi... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-1420 – Use of Out-of-range Pointer Offset in vim/vim
https://notcve.org/view.php?id=CVE-2022-1420
21 Apr 2022 — Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. Uso de Offset de Puntero Fuera de Rango en el repositorio GitHub vim/vim versiones anteriores a 8.2.4774 A vulnerability was found in Vim. The issue occurs when using a number in a string for the lambda name, triggering an out-of-range pointer offset vulnerability. This flaw allows an attacker to trick a user into opening a crafted script containing an argument as a number and then using it as a string pointer to access any m... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 1CVE-2022-29458 – Ubuntu Security Notice USN-6099-1
https://notcve.org/view.php?id=CVE-2022-29458
18 Apr 2022 — ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. ncurses versiones 6.3 anteriores al parche 20220416, presentan una lectura fuera de límites y una violación de segmentación en el archivo convert_strings en tinfo/read_entry.c en la biblioteca terminfo It was discovered that ncurses was incorrectly performing bounds checks when processing invalid hashcodes. An attacker could possibly use this issue to cause... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2022-1381 – global heap buffer overflow in skip_range in vim/vim
https://notcve.org/view.php?id=CVE-2022-1381
17 Apr 2022 — global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution Un Desbordamiento del búfer de la pila global en la función skip_range en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4763. Esta vulnerabilidad es capaz de bloquear el software, Omitir el Mecanismo de Protección, Modificar la Memoria y una posible ejecución remota macOS Ventura 1... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2022-24836 – Inefficient Regular Expression Complexity in Nokogiri
https://notcve.org/view.php?id=CVE-2022-24836
11 Apr 2022 — Nokogiri is an open source XML and HTML library for Ruby. Nokogiri `< v1.13.4` contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to detect encoding in HTML documents. Users are advised to upgrade to Nokogiri `>= 1.13.4`. There are no known workarounds for this issue. Nokogiri es una biblioteca XML y HTML de código abierto para Ruby. • http://seclists.org/fulldisclosure/2022/Dec/23 • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 8.4EPSS: 0%CPEs: 6EXPL: 1CVE-2022-0943 – Heap-based Buffer Overflow occurs in vim in vim/vim
https://notcve.org/view.php?id=CVE-2022-0943
14 Mar 2022 — Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. Se produce un desbordamiento del búfer basado en Heap en vim en el repositorio de GitHub vim/vim anterior a 8.2.4563 A heap buffer overflow flaw was found in vim's suggest_try_change() function of the spellsuggest.c file. This flaw allows an attacker to trick a user into opening a crafted file, triggering a heap-overflow and causing an application to crash, which leads to a denial of service. USN-5613-1 fixed vulnerabil... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •