Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061.
Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spell_soundfold_sofo() in src/spell.c translates a word through a spell file's SOFO (sound-folding) byte map into a caller-owned result buffer. Its copy loop advances the output index ri with no upper bound and terminates only on the input NUL, writing one byte per input byte into the MAXWLEN-element stack buffer the caller provides. A word longer than MAXWLEN, passed to soundfold() (or reached via sound-based spell suggestion) while a SOFO-based spell language is active, therefore writes past the end of that buffer. This is a stack out-of-bounds write that corrupts the call frame and crashes the editor. This vulnerability is fixed in 9.2.0698.
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
Use After Free in GitHub repository vim/vim prior to 9.0.0046.
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
Use After Free in GitHub repository vim/vim prior to 9.0.0789.
Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483.
Use After Free in GitHub repository vim/vim prior to 9.0.0579.
Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issue.
Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the `netrw` standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the `scp://` protocol handler), an attacker can execute arbitrary shell commands with the privileges of the Vim process. Version 9.2.0073 fixes the issue.
Use After Free in GitHub repository vim/vim prior to 9.0.0360.
Use After Free in GitHub repository vim/vim prior to 9.0.0389.
Use After Free in GitHub repository vim/vim prior to 9.0.0322.
Use After Free in GitHub repository vim/vim prior to 9.0.0225.
Use After Free in GitHub repository vim/vim prior to 9.0.
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846.
Use After Free in GitHub repository vim/vim prior to 9.0.1840.
Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
Use After Free in GitHub repository vim/vim prior to 8.2.
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
Use After Free in GitHub repository vim/vim prior to 8.2.4979.
Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Use After Free in GitHub repository vim/vim prior to 8.2.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418.
Use After Free in GitHub repository vim/vim prior to 8.2.
Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2.