CVE-2022-0261 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-0261
18 Jan 2022 — Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. A heap-based out-of-bounds write flaw was found in vim's ops.c. This flaw allows an attacker to trick a user into opening a crafted file, triggering an out-of-bounds write. This vulnerability is capable of crashing software, modifying memory, and possibly executing code. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-122: Heap-based Buffer Overflow, CWE-787: Out-of-bounds Write
CVE-2022-0156 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2022-0156
10 Jan 2022 — vim is vulnerable to Use After Free. • http://seclists.org/fulldisclosure/2022/Jul/13 • CWE-416: Use After Free
CVE-2022-0158 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-0158
10 Jan 2022 — vim is vulnerable to Heap-based Buffer Overflow. • http://seclists.org/fulldisclosure/2022/Jul/13 • CWE-122: Heap-based Buffer Overflow, CWE-787: Out-of-bounds Write
CVE-2021-4192 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2021-4192
31 Dec 2021 — vim is vulnerable to Use After Free. It was found that vim was vulnerable to a use-after-free flaw in win_linetabsize(). Sourcing a specially crafted file in vim could crash the vim process or possibly lead to other undefined behaviors. • http://seclists.org/fulldisclosure/2022/Jul/14 • CWE-416: Use After Free
CVE-2021-4193 – Out-of-bounds Read in vim/vim
https://notcve.org/view.php?id=CVE-2021-4193
31 Dec 2021 — vim is vulnerable to Out-of-bounds Read. It was found that vim was vulnerable to an out-of-bounds read flaw in getvcol(). A specially crafted file, when opened in vim, could be used to disclose some of the process's internal memory. • http://seclists.org/fulldisclosure/2022/Jul/14 • CWE-125: Out-of-bounds Read
CVE-2021-4187 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2021-4187
29 Dec 2021 — vim is vulnerable to Use After Free. • http://seclists.org/fulldisclosure/2022/Jul/14 • CWE-416: Use After Free
CVE-2021-4173 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2021-4173
27 Dec 2021 — vim is vulnerable to Use After Free. • http://seclists.org/fulldisclosure/2022/Jul/14 • CWE-416: Use After Free
CVE-2021-4166 – Out-of-bounds Read in vim/vim
https://notcve.org/view.php?id=CVE-2021-4166
25 Dec 2021 — vim is vulnerable to Out-of-bounds Read. • http://seclists.org/fulldisclosure/2022/Jul/14 • CWE-125: Out-of-bounds Read
CVE-2021-44224 – Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier
https://notcve.org/view.php?id=CVE-2021-44224
20 Dec 2021 — A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-476: NULL Pointer Dereference, CWE-918: Server-Side Request Forgery (SSRF)
CVE-2021-44790 – Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier
https://notcve.org/view.php?id=CVE-2021-44790
20 Dec 2021 — A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerability though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. • https://www.exploit-db.com/exploits/51193 • CWE-787: Out-of-bounds Write