CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2022-1927 – Buffer Over-read in vim/vim
https://notcve.org/view.php?id=CVE-2022-1927
Buffer Over-read in GitHub repository vim/vim prior to 8.2. Una lectura excesiva del Búfer en el repositorio de GitHub vim/vim versiones anteriores a 8.2 A flaw was found in vim. The vulnerability occurs due to Illegal memory access and leads to a buffer over-read vulnerability in the utf_ptr2char function. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010 https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB https://lists.fedoraproject.org/archives/list/package-anno • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2022-1898 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2022-1898
Use After Free in GitHub repository vim/vim prior to 8.2. Un Uso de Memoria Previamente Liberada en el repositorio de GitHub vim/vim versiones anteriores a 8.2 • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/e2fa213cf571041dbd04ab0329303ffdc980678a https://huntr.dev/bounties/45aad635-c2f1-47ca-a4f9-db5b25979cea https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ https://lists.fedoraproject& • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2022-1897 – Out-of-bounds Write in vim/vim
https://notcve.org/view.php?id=CVE-2022-1897
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. Una Escritura Fuera de Límites en el repositorio de GitHub vim/vim versiones anteriores a 8.2 A flaw was found in vim. The vulnerability occurs due to Illegal memory access and leads to an out-of-bounds write vulnerability in the vim_regsub_both function. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a https://huntr.dev/bounties/82c12151-c283-40cf-aa05-2e39efa89118 https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXD • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2022-1851 – Out-of-bounds Read in vim/vim
https://notcve.org/view.php?id=CVE-2022-1851
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. Una Lectura Fuera de Límites en el repositorio GitHub vim/vim versiones anteriores a 8.2 • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/78d52883e10d71f23ab72a3d8b9733b00da8c9ad https://huntr.dev/bounties/f8af901a-9a46-440d-942a-8f815b59394d https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ https://lists.fedoraproject& • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-26737
https://notcve.org/view.php?id=CVE-2022-26737
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en tvOS versión 15.5, macOS Monterey versión 12.4, iOS versión 15.5 y iPadOS versión 15.5. • https://support.apple.com/en-us/HT213254 https://support.apple.com/en-us/HT213257 https://support.apple.com/en-us/HT213258 • CWE-787: Out-of-bounds Write •