Vendor CVEs
Vim
All CVEs
260 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-0729 | 0.00 | — | 0.02 | Feb 23, 2022 | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. | |||
| CVE-2022-0696 | 0.00 | — | 0.02 | Feb 21, 2022 | NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. | |||
| CVE-2022-0685 | 0.00 | — | 0.02 | Feb 20, 2022 | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. | |||
| CVE-2022-0629 | 0.00 | — | 0.02 | Feb 17, 2022 | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-0554 | 0.00 | — | 0.02 | Feb 10, 2022 | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-0443 | 0.00 | — | 0.01 | Feb 2, 2022 | Use After Free in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-0417 | 0.00 | — | 0.02 | Feb 1, 2022 | Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-0407 | 0.00 | — | 0.01 | Jan 30, 2022 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-0413 | 0.00 | — | 0.01 | Jan 30, 2022 | Use After Free in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-0408 | 0.00 | — | 0.02 | Jan 30, 2022 | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-0393 | 0.00 | — | 0.01 | Jan 28, 2022 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-0392 | 0.00 | — | 0.02 | Jan 28, 2022 | Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. | |||
| CVE-2022-0361 | 0.00 | — | 0.02 | Jan 26, 2022 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-0368 | 0.00 | — | 0.02 | Jan 26, 2022 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-0359 | 0.00 | — | 0.01 | Jan 26, 2022 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-0351 | 0.00 | — | 0.01 | Jan 25, 2022 | Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-0319 | 0.00 | — | 0.01 | Jan 21, 2022 | Out-of-bounds Read in vim/vim prior to 8.2. | |||
| CVE-2022-0318 | 0.00 | — | 0.02 | Jan 21, 2022 | Heap-based Buffer Overflow in vim/vim prior to 8.2. | |||
| CVE-2022-0261 | 0.00 | — | 0.02 | Jan 18, 2022 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||
| CVE-2022-0213 | 0.00 | — | 0.01 | Jan 14, 2022 | vim is vulnerable to Heap-based Buffer Overflow | |||
| CVE-2022-0156 | 0.00 | — | 0.02 | Jan 10, 2022 | vim is vulnerable to Use After Free | |||
| CVE-2022-0158 | 0.00 | — | 0.02 | Jan 10, 2022 | vim is vulnerable to Heap-based Buffer Overflow | |||
| CVE-2022-0128 | 0.00 | — | 0.02 | Jan 6, 2022 | vim is vulnerable to Out-of-bounds Read | |||
| CVE-2021-4193 | 0.00 | — | 0.02 | Dec 31, 2021 | vim is vulnerable to Out-of-bounds Read | |||
| CVE-2021-4192 | 0.00 | — | 0.02 | Dec 31, 2021 | vim is vulnerable to Use After Free | |||
| CVE-2021-4187 | 0.00 | — | 0.02 | Dec 29, 2021 | vim is vulnerable to Use After Free | |||
| CVE-2021-4173 | 0.00 | — | 0.02 | Dec 27, 2021 | vim is vulnerable to Use After Free | |||
| CVE-2021-4166 | 0.00 | — | 0.02 | Dec 25, 2021 | vim is vulnerable to Out-of-bounds Read | |||
| CVE-2021-4136 | 0.00 | — | 0.02 | Dec 19, 2021 | vim is vulnerable to Heap-based Buffer Overflow | |||
| CVE-2021-4069 | 0.00 | — | 0.01 | Dec 6, 2021 | vim is vulnerable to Use After Free | |||
| CVE-2021-3984 | 0.00 | — | 0.01 | Dec 1, 2021 | vim is vulnerable to Heap-based Buffer Overflow | |||
| CVE-2021-3968 | 0.00 | — | 0.02 | Nov 19, 2021 | vim is vulnerable to Heap-based Buffer Overflow | |||
| CVE-2021-3973 | 0.00 | — | 0.02 | Nov 19, 2021 | vim is vulnerable to Heap-based Buffer Overflow | |||
| CVE-2021-3974 | 0.00 | — | 0.01 | Nov 19, 2021 | vim is vulnerable to Use After Free | |||
| CVE-2021-3927 | 0.00 | — | 0.02 | Nov 5, 2021 | vim is vulnerable to Heap-based Buffer Overflow | |||
| CVE-2021-3928 | 0.00 | — | 0.01 | Nov 5, 2021 | vim is vulnerable to Use of Uninitialized Variable | |||
| CVE-2021-3903 | 0.00 | — | 0.01 | Oct 27, 2021 | vim is vulnerable to Heap-based Buffer Overflow | |||
| CVE-2021-3872 | 0.00 | — | 0.01 | Oct 19, 2021 | vim is vulnerable to Heap-based Buffer Overflow | |||
| CVE-2021-3875 | 0.00 | — | 0.01 | Oct 15, 2021 | vim is vulnerable to Heap-based Buffer Overflow | |||
| CVE-2021-3796 | 0.00 | — | 0.02 | Sep 15, 2021 | vim is vulnerable to Use After Free | |||
| CVE-2021-3778 | 0.00 | — | 0.02 | Sep 15, 2021 | vim is vulnerable to Heap-based Buffer Overflow | |||
| CVE-2021-3770 | 0.00 | — | 0.01 | Sep 6, 2021 | vim is vulnerable to Heap-based Buffer Overflow | |||
| CVE-2021-28832 | 0.00 | — | 0.01 | Apr 5, 2021 | VSCodeVim before 1.19.0 allows attackers to execute arbitrary code via a crafted workspace configuration. | |||
| CVE-2019-20807 | 0.00 | — | 0.00 | May 28, 2020 | In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua). | |||
| CVE-2020-9769 | 0.00 | — | 0.01 | Apr 1, 2020 | Multiple issues were addressed by updating to version 8.1.1850. This issue is fixed in macOS Catalina 10.15.4. Multiple issues in Vim. | |||
| CVE-2019-20079 | 0.00 | — | 0.02 | Dec 30, 2019 | The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory. | |||
| CVE-2018-20786 | 0.00 | — | 0.03 | Feb 24, 2019 | libvterm through 0+bzr726, as used in Vim and other products, mishandles certain out-of-memory conditions, leading to a denial of service (application crash), related to screen.c, state.c, and vterm.c. | |||
| CVE-2008-6235 | 0.00 | — | 0.03 | Feb 21, 2009 | The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a filename used by the (1) "D" (delete) command or (2) b:netrw_curdir variable, as demonstrated using the netrw.v4 and netrw.v5 test cases. | |||
| CVE-2008-3075 | 0.00 | — | 0.04 | Feb 21, 2009 | The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a ZIP archive and possibly (2) the filename of the first file in a ZIP archive,… | |||
| CVE-2008-3074 | 0.00 | — | 0.04 | Feb 21, 2009 | The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the first file in a tar archive,… |
- CVE-2022-0729Feb 23, 2022risk 0.00cvss —epss 0.02
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440.
- CVE-2022-0696Feb 21, 2022risk 0.00cvss —epss 0.02
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428.
- CVE-2022-0685Feb 20, 2022risk 0.00cvss —epss 0.02
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418.
- CVE-2022-0629Feb 17, 2022risk 0.00cvss —epss 0.02
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
- CVE-2022-0554Feb 10, 2022risk 0.00cvss —epss 0.02
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.
- CVE-2022-0443Feb 2, 2022risk 0.00cvss —epss 0.01
Use After Free in GitHub repository vim/vim prior to 8.2.
- CVE-2022-0417Feb 1, 2022risk 0.00cvss —epss 0.02
Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2.
- CVE-2022-0407Jan 30, 2022risk 0.00cvss —epss 0.01
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
- CVE-2022-0413Jan 30, 2022risk 0.00cvss —epss 0.01
Use After Free in GitHub repository vim/vim prior to 8.2.
- CVE-2022-0408Jan 30, 2022risk 0.00cvss —epss 0.02
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
- CVE-2022-0393Jan 28, 2022risk 0.00cvss —epss 0.01
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
- CVE-2022-0392Jan 28, 2022risk 0.00cvss —epss 0.02
Heap-based Buffer Overflow in GitHub repository vim prior to 8.2.
- CVE-2022-0361Jan 26, 2022risk 0.00cvss —epss 0.02
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
- CVE-2022-0368Jan 26, 2022risk 0.00cvss —epss 0.02
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
- CVE-2022-0359Jan 26, 2022risk 0.00cvss —epss 0.01
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
- CVE-2022-0351Jan 25, 2022risk 0.00cvss —epss 0.01
Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
- CVE-2022-0319Jan 21, 2022risk 0.00cvss —epss 0.01
Out-of-bounds Read in vim/vim prior to 8.2.
- CVE-2022-0318Jan 21, 2022risk 0.00cvss —epss 0.02
Heap-based Buffer Overflow in vim/vim prior to 8.2.
- CVE-2022-0261Jan 18, 2022risk 0.00cvss —epss 0.02
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
- CVE-2022-0213Jan 14, 2022risk 0.00cvss —epss 0.01
vim is vulnerable to Heap-based Buffer Overflow
- CVE-2022-0156Jan 10, 2022risk 0.00cvss —epss 0.02
vim is vulnerable to Use After Free
- CVE-2022-0158Jan 10, 2022risk 0.00cvss —epss 0.02
vim is vulnerable to Heap-based Buffer Overflow
- CVE-2022-0128Jan 6, 2022risk 0.00cvss —epss 0.02
vim is vulnerable to Out-of-bounds Read
- CVE-2021-4193Dec 31, 2021risk 0.00cvss —epss 0.02
vim is vulnerable to Out-of-bounds Read
- CVE-2021-4192Dec 31, 2021risk 0.00cvss —epss 0.02
vim is vulnerable to Use After Free
- CVE-2021-4187Dec 29, 2021risk 0.00cvss —epss 0.02
vim is vulnerable to Use After Free
- CVE-2021-4173Dec 27, 2021risk 0.00cvss —epss 0.02
vim is vulnerable to Use After Free
- CVE-2021-4166Dec 25, 2021risk 0.00cvss —epss 0.02
vim is vulnerable to Out-of-bounds Read
- CVE-2021-4136Dec 19, 2021risk 0.00cvss —epss 0.02
vim is vulnerable to Heap-based Buffer Overflow
- CVE-2021-4069Dec 6, 2021risk 0.00cvss —epss 0.01
vim is vulnerable to Use After Free
- CVE-2021-3984Dec 1, 2021risk 0.00cvss —epss 0.01
vim is vulnerable to Heap-based Buffer Overflow
- CVE-2021-3968Nov 19, 2021risk 0.00cvss —epss 0.02
vim is vulnerable to Heap-based Buffer Overflow
- CVE-2021-3973Nov 19, 2021risk 0.00cvss —epss 0.02
vim is vulnerable to Heap-based Buffer Overflow
- CVE-2021-3974Nov 19, 2021risk 0.00cvss —epss 0.01
vim is vulnerable to Use After Free
- CVE-2021-3927Nov 5, 2021risk 0.00cvss —epss 0.02
vim is vulnerable to Heap-based Buffer Overflow
- CVE-2021-3928Nov 5, 2021risk 0.00cvss —epss 0.01
vim is vulnerable to Use of Uninitialized Variable
- CVE-2021-3903Oct 27, 2021risk 0.00cvss —epss 0.01
vim is vulnerable to Heap-based Buffer Overflow
- CVE-2021-3872Oct 19, 2021risk 0.00cvss —epss 0.01
vim is vulnerable to Heap-based Buffer Overflow
- CVE-2021-3875Oct 15, 2021risk 0.00cvss —epss 0.01
vim is vulnerable to Heap-based Buffer Overflow
- CVE-2021-3796Sep 15, 2021risk 0.00cvss —epss 0.02
vim is vulnerable to Use After Free
- CVE-2021-3778Sep 15, 2021risk 0.00cvss —epss 0.02
vim is vulnerable to Heap-based Buffer Overflow
- CVE-2021-3770Sep 6, 2021risk 0.00cvss —epss 0.01
vim is vulnerable to Heap-based Buffer Overflow
- CVE-2021-28832Apr 5, 2021risk 0.00cvss —epss 0.01
VSCodeVim before 1.19.0 allows attackers to execute arbitrary code via a crafted workspace configuration.
- CVE-2019-20807May 28, 2020risk 0.00cvss —epss 0.00
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
- CVE-2020-9769Apr 1, 2020risk 0.00cvss —epss 0.01
Multiple issues were addressed by updating to version 8.1.1850. This issue is fixed in macOS Catalina 10.15.4. Multiple issues in Vim.
- CVE-2019-20079Dec 30, 2019risk 0.00cvss —epss 0.02
The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.
- CVE-2018-20786Feb 24, 2019risk 0.00cvss —epss 0.03
libvterm through 0+bzr726, as used in Vim and other products, mishandles certain out-of-memory conditions, leading to a denial of service (application crash), related to screen.c, state.c, and vterm.c.
- CVE-2008-6235Feb 21, 2009risk 0.00cvss —epss 0.03
The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a filename used by the (1) "D" (delete) command or (2) b:netrw_curdir variable, as demonstrated using the netrw.v4 and netrw.v5 test cases.
- CVE-2008-3075Feb 21, 2009risk 0.00cvss —epss 0.04
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a ZIP archive and possibly (2) the filename of the first file in a ZIP archive,…
- CVE-2008-3074Feb 21, 2009risk 0.00cvss —epss 0.04
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the first file in a tar archive,…
Page 5 of 6