Use After Free in GitHub repository vim/vim prior to 9.0.0360.
Use After Free in GitHub repository vim/vim prior to 9.0.0322.
Use After Free in GitHub repository vim/vim prior to 9.0.0225.
Use After Free in GitHub repository vim/vim prior to 9.0.0260.
Use After Free in GitHub repository vim/vim prior to 9.0.0246.
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211.
Use After Free in GitHub repository vim/vim prior to 9.0.0213.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220.
Use After Free in GitHub repository vim/vim prior to 9.0.0221.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102.
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
Use After Free in GitHub repository vim/vim prior to 9.0.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045.
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
Use After Free in GitHub repository vim/vim prior to 9.0.0046.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218.
Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the `netrw` standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the `scp://` protocol handler), an attacker can execute arbitrary shell commands with the privileges of the Vim process. Version 9.2.0073 fixes the issue.
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issue.
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves external commands by searching the current working directory before system paths. When Vim invokes tools such as findstr for :grep, external commands or filters via :!, or compiler/:make commands, it may inadvertently run a malicious executable present in the same directory as the file being edited. The issue affects Vim for Windows prior to version 9.1.1947.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483.
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189.
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution
Use After Free in GitHub repository vim/vim prior to 8.2.
Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
Use After Free in GitHub repository vim/vim prior to 8.2.
Use After Free in GitHub repository vim/vim prior to v9.0.2010.
Use After Free in GitHub repository vim/vim prior to 8.2.4979.
Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
Buffer Over-read in GitHub repository vim/vim prior to 8.2.