CVE-2023-4736 – Untrusted Search Path in vim/vim
https://notcve.org/view.php?id=CVE-2023-4736
Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833. Ruta de búsqueda no fiable en el repositorio de GitHub vim/vim anterior a la versión 9.0.1833. • http://seclists.org/fulldisclosure/2023/Oct/24 https://github.com/vim/vim/commit/816fbcc262687b81fc46f82f7bbeb1453addfe0c https://huntr.dev/bounties/e1ce0995-4df4-4dec-9cd7-3136ac3e8e71 https://support.apple.com/kb/HT213984 • CWE-426: Untrusted Search Path •
CVE-2023-4735 – Out-of-bounds Write in vim/vim
https://notcve.org/view.php?id=CVE-2023-4735
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. Escritura fuera de límites en el repositorio de GitHub vim/vim en versiones anteriores a la 9.0.1847. • http://seclists.org/fulldisclosure/2023/Oct/24 https://github.com/vim/vim/commit/889f6af37164775192e33b233a90e86fd3df0f57 https://huntr.dev/bounties/fc83bde3-f621-42bd-aecb-8c1ae44cba51 https://support.apple.com/kb/HT213984 • CWE-787: Out-of-bounds Write •
CVE-2023-4734 – Integer Overflow or Wraparound in vim/vim
https://notcve.org/view.php?id=CVE-2023-4734
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846. Un Desbordamiento de Enteros o Wraparound en el repositorio de GitHub vim/vim version anterior a 9.0.1846. • http://seclists.org/fulldisclosure/2023/Oct/24 https://github.com/vim/vim/commit/4c6fe2e2ea62469642ed1d80b16d39e616b25cf5 https://huntr.dev/bounties/688e4382-d2b6-439a-a54e-484780f82217 https://support.apple.com/kb/HT213984 • CWE-190: Integer Overflow or Wraparound •
CVE-2020-20703
https://notcve.org/view.php?id=CVE-2020-20703
Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter. • https://github.com/vim/vim/issues/5041 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-2609 – NULL Pointer Dereference in vim/vim
https://notcve.org/view.php?id=CVE-2023-2609
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. • https://github.com/vim/vim/commit/d1ae8366aff286d41e7f5bc513cc0a1af5130aad https://huntr.dev/bounties/1679be5a-565f-4a44-a430-836412a0b622 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PCLJN4QINITA3ZASKLEJ64C5TFNKELMO https://support.apple.com/kb/HT213844 https://support.apple.com/kb/HT213845 • CWE-476: NULL Pointer Dereference •