Use After Free in GitHub repository vim/vim prior to 9.0.0882.
Use After Free in GitHub repository vim/vim prior to 9.0.0789.
Use After Free in GitHub repository vim/vim prior to 9.0.0614.
Use After Free in GitHub repository vim/vim prior to 9.0.0490.
Use After Free in GitHub repository vim/vim prior to 9.0.0530.
Use After Free in GitHub repository vim/vim prior to 9.0.0579.
Use After Free in GitHub repository vim/vim prior to 9.0.0360.
Use After Free in GitHub repository vim/vim prior to 9.0.0389.
Use After Free in GitHub repository vim/vim prior to 9.0.0260.
Use After Free in GitHub repository vim/vim prior to 9.0.0286.
Use After Free in GitHub repository vim/vim prior to 9.0.0246.
Use After Free in GitHub repository vim/vim prior to 9.0.0221.
Use After Free in GitHub repository vim/vim prior to 9.0.0225.
Use After Free in GitHub repository vim/vim prior to 9.0.0213.
Use After Free in GitHub repository vim/vim prior to 9.0.
Use After Free in GitHub repository vim/vim prior to 9.0.0046.
In radare2 through 3.5.1, the rcc_context function of libr/egg/egg_lang.c mishandles changing context. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact (invalid memory access in r_egg_lang_parsechar; invalid free in rcc_pusharg).
Use After Free in GitHub repository vim/vim prior to 8.2.
Use After Free in GitHub repository vim/vim prior to 8.2.4979.
Use After Free in GitHub repository vim/vim prior to 8.2.
Use After Free in GitHub repository vim/vim prior to 8.2.
Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
Use After Free in GitHub repository vim/vim prior to 8.2.
Use After Free in GitHub repository vim/vim prior to v9.0.2010.
Use After Free in GitHub repository vim/vim prior to 9.0.1857.
Use After Free in GitHub repository vim/vim prior to 9.0.1840.
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.
Use After Free in GitHub repository vim/vim prior to 8.2.
Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.
vim is vulnerable to Use After Free
vim is vulnerable to Use After Free
A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document.
A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document.
vim is vulnerable to Use After Free
vim is vulnerable to Use After Free
vim is vulnerable to Use After Free
Use After Free in GitHub repository vim/vim prior to 9.0.1858.
Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted torrent file.
Vim 8.0 allows attackers to cause a denial of service (invalid free) or possibly have unspecified other impact via a crafted source (aka -S) file. NOTE: there might be a limited number of scenarios in which this has security relevance.
There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.
In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file.
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free.
The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.
Use After Free in NPM radare2.js prior to 5.6.2.
Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option.
PDFResurrect before 0.20 lack of header validation checks causes heap-buffer-overflow in pdf_get_version().
Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spell_soundfold_sofo() in src/spell.c translates a word through a spell file's SOFO (sound-folding) byte map into a caller-owned result buffer. Its copy loop advances the output index ri with no upper bound and terminates only on the input NUL, writing one byte per input byte into the MAXWLEN-element stack buffer the caller provides. A word longer than MAXWLEN, passed to soundfold() (or reached via sound-based spell suggestion) while a SOFO-based spell language is active, therefore writes past the end of that buffer. This is a stack out-of-bounds write that corrupts the call frame and crashes the editor. This vulnerability is fixed in 9.2.0698.
Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion (runtime/autoload/python3complete.vim and the legacy pythoncomplete.vim) executes reconstructed function and class definitions from the current buffer with exec() as part of populating the completion dictionary. When reconstructing that source, each scope's docstring is inserted verbatim between triple quotes with no escaping, so a hostile buffer can break out of the triple-quoted literal and execute attacker-controlled Python during omni-completion. This vulnerability is fixed in 9.2.0699.
The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass.