Use After Free in GitHub repository vim/vim prior to 9.0.0389.
Use After Free in GitHub repository vim/vim prior to 9.0.0260.
Use After Free in GitHub repository vim/vim prior to 9.0.0322.
Use After Free in GitHub repository vim/vim prior to 9.0.0286.
Use After Free in GitHub repository vim/vim prior to 9.0.0246.
Use After Free in GitHub repository vim/vim prior to 9.0.0221.
Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218.
Use After Free in GitHub repository vim/vim prior to 9.0.0225.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211.
Use After Free in GitHub repository vim/vim prior to 9.0.0213.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212.
Use After Free in GitHub repository vim/vim prior to 9.0.
Use After Free in GitHub repository vim/vim prior to 9.0.0046.
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile() in the netrw plugin (runtime/pack/dist/opt/netrw/autoload/netrw.vim) when deleting a local file from the browser. A filename derived from the buffer's directory listing is interpolated into an Ex command line passed to :execute with only the backslash character escaped, allowing a crafted filename containing a bar (|) to terminate the intended command and execute arbitrary Vimscript, including shell commands via :call system() and :!. This vulnerability is fixed in 9.2.0663.
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061.
Use After Free in GitHub repository vim/vim prior to 8.2.
Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability can crash the software, modify memory, and possibly allow remote execution.
Use After Free in GitHub repository vim/vim prior to 8.2.4979.
Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerability can crash software, modify memory, and possibly allow remote execution.
Use After Free in GitHub repository vim/vim prior to 8.2.
Use After Free in GitHub repository vim/vim prior to 8.2.
Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969.
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104.
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
Use After Free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability can crash software, bypass protection mechanisms, modify memory, and possibly allow remote execution.
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter enabled (and the legacy pythoncomplete.vim for builds with the +python interpreter) executes the import and from statements found in the current buffer through Python's import machinery. Because the buffer's working directory is on sys.path, opening a hostile .py file with a sibling Python package and invoking omni-completion runs that package's top-level code as the editing user. This issue has been patched in version 9.2.0561.
Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec() as part of populating the completion dictionary. Python evaluates function default values, parameter annotations, and class base expressions at definition time, so a hostile buffer can execute attacker-controlled Python expressions during omni-completion. The existing g:pythoncomplete_allow_import mitigation (GHSA-52mc-rq6p-rc7c) does not cover this path, because the attacker-controlled code is not a harvested import/from statement. This issue has been patched in version 9.2.0597.
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.
Use After Free in GitHub repository vim/vim prior to 8.2.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044.
Use After Free in GitHub repository vim/vim prior to v9.0.2010.
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846.
Use After Free in GitHub repository vim/vim prior to 9.0.1857.
Use After Free in GitHub repository vim/vim prior to 9.0.1840.
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.