Bram Moolenaar

126 exploits Active since Feb 2017
CVE-2019-12735 WRITEUP HIGH WRITEUP
Vim < 8.1.1365 and Neovim < 0.3.6 - OS Command Injection via Modeline :source! Command
getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
CVSS 8.6
CVE-2022-2522 WRITEUP HIGH WRITEUP
vim/vim <9.0.0061 - Buffer Overflow
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061.
CVSS 7.8
CVE-2017-17087 WRITEUP MEDIUM WRITEUP
Vim < 8.0.1263 - Unauthorized File Permission Exposure via .swp File Group Ownership
fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability than CVE-2017-1000382.
CVSS 5.5
CVE-2017-5953 WRITEUP CRITICAL WRITEUP
vim < 8.0.0055 - Integer Overflow and Buffer Overflow via Spell File Tree Length
vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.
CVSS 9.8
CVE-2017-6349 WRITEUP CRITICAL WRITEUP
vim < 8.0.0376 - Integer Overflow in Undo File Processing
An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
CVSS 9.8
CVE-2017-6350 WRITEUP CRITICAL WRITEUP
vim < 8.0.0377 - Integer Overflow via Undo File Deserialization
An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
CVSS 9.8
CVE-2018-20786 WRITEUP HIGH WRITEUP
libvterm < 0+bzr726 - Denial of Service via Out-of-Memory Condition
libvterm through 0+bzr726, as used in Vim and other products, mishandles certain out-of-memory conditions, leading to a denial of service (application crash), related to screen.c, state.c, and vterm.c.
CVSS 7.5
CVE-2019-20079 WRITEUP HIGH WRITEUP
Vim 8.1.2121-8.1.2135 - Use-After-Free in Autocmd Feature
The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.
CVSS 7.8
CVE-2019-20807 WRITEUP MEDIUM WRITEUP
vim < 8.1.0881 - OS Command Injection via Scripting Interfaces
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
CVSS 5.3
CVE-2021-3770 WRITEUP HIGH WRITEUP
vim < 8.2.3408 - Heap-based Buffer Overflow
vim is vulnerable to Heap-based Buffer Overflow
CVSS 7.8
CVE-2021-3778 WRITEUP HIGH WRITEUP
vim < 8.2.3409 - Heap-based Buffer Overflow
vim is vulnerable to Heap-based Buffer Overflow
CVSS 7.8
CVE-2021-3796 WRITEUP HIGH WRITEUP
vim < 8.2.3428 - Use-After-Free
vim is vulnerable to Use After Free
CVSS 7.3
CVE-2021-3872 WRITEUP HIGH WRITEUP
vim < 8.2.3487 - Heap-based Buffer Overflow
vim is vulnerable to Heap-based Buffer Overflow
CVSS 7.8
CVE-2021-3875 WRITEUP MEDIUM WRITEUP
vim < 8.2.3489 - Heap-based Buffer Overflow
vim is vulnerable to Heap-based Buffer Overflow
CVSS 5.5
CVE-2021-3903 WRITEUP HIGH WRITEUP
vim < 8.2.3564 - Heap-based Buffer Overflow
vim is vulnerable to Heap-based Buffer Overflow
CVSS 7.8
CVE-2021-3927 WRITEUP HIGH WRITEUP
vim < 8.2.3581 - Heap-based Buffer Overflow
vim is vulnerable to Heap-based Buffer Overflow
CVSS 7.8
CVE-2021-3928 WRITEUP HIGH WRITEUP
vim < 8.2.3582 - Use of Uninitialized Variable
vim is vulnerable to Use of Uninitialized Variable
CVSS 7.8
CVE-2021-3968 WRITEUP HIGH WRITEUP
vim 8.2.3430-8.2.3610 - Heap-based Buffer Overflow
vim is vulnerable to Heap-based Buffer Overflow
CVSS 8.0
CVE-2021-3973 WRITEUP HIGH WRITEUP
vim < 8.2.3611 - Heap-based Buffer Overflow
vim is vulnerable to Heap-based Buffer Overflow
CVSS 7.8
CVE-2021-3974 WRITEUP HIGH WRITEUP
vim < 8.2.3612 - Use-After-Free
vim is vulnerable to Use After Free
CVSS 7.8
CVE-2021-3984 WRITEUP HIGH WRITEUP
vim < 8.2.3625 - Heap-based Buffer Overflow
vim is vulnerable to Heap-based Buffer Overflow
CVSS 7.8
CVE-2021-4136 WRITEUP HIGH WRITEUP
vim < 8.2.3847 - Heap-based Buffer Overflow
vim is vulnerable to Heap-based Buffer Overflow
CVSS 7.8
CVE-2021-4166 WRITEUP HIGH WRITEUP
vim < 8.2.3884 - Out-of-bounds Read
vim is vulnerable to Out-of-bounds Read
CVSS 7.1
CVE-2021-4173 WRITEUP HIGH WRITEUP
vim < 8.2.3902 - Use-After-Free
vim is vulnerable to Use After Free
CVSS 7.8
CVE-2021-4187 WRITEUP HIGH WRITEUP
vim < 8.2.3912 - Use-After-Free
vim is vulnerable to Use After Free
CVSS 7.8