Bram Moolenaar

124 exploits Active since Feb 2017
CVE-2022-3352 WRITEUP HIGH WRITEUP
vim/vim <9.0.0614 - Use After Free
Use After Free in GitHub repository vim/vim prior to 9.0.0614.
CVSS 7.8
CVE-2022-3491 WRITEUP HIGH WRITEUP
Vim < 9.0.0742 - Out-of-Bounds Write
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742.
CVSS 7.8
CVE-2022-3520 WRITEUP CRITICAL WRITEUP
vim/vim <9.0.0765 - Buffer Overflow
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.
CVSS 9.8
CVE-2022-3591 WRITEUP HIGH WRITEUP
vim/vim <9.0.0789 - Use After Free
Use After Free in GitHub repository vim/vim prior to 9.0.0789.
CVSS 7.8
CVE-2022-3705 WRITEUP MEDIUM WRITEUP
Vim < 9.0.0805 - Use After Free
A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-212324.
CVSS 5.0
CVE-2022-4141 WRITEUP HIGH WRITEUP
Vim < 9.0.0946 - Out-of-Bounds Write
Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command.
CVSS 7.8
CVE-2022-4292 WRITEUP HIGH WRITEUP
Vim < 9.0.0882 - Use After Free
Use After Free in GitHub repository vim/vim prior to 9.0.0882.
CVSS 7.8
CVE-2022-4293 WRITEUP MEDIUM WRITEUP
vim <9.0.0804 - Info Disclosure
Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.
CVSS 5.5
CVE-2022-47024 WRITEUP HIGH WRITEUP
Vim <9.0.0339 - DoS
A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts.
CVSS 7.8
CVE-2023-0049 WRITEUP HIGH WRITEUP
vim/vim <9.0.1143 - Info Disclosure
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.
CVSS 7.8
CVE-2023-0051 WRITEUP HIGH WRITEUP
vim/vim <9.0.1144 - Buffer Overflow
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144.
CVSS 7.8
CVE-2023-0054 WRITEUP HIGH WRITEUP
vim/vim <9.0.1145 - Memory Corruption
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145.
CVSS 7.8
CVE-2023-0288 WRITEUP HIGH WRITEUP
vim/vim <9.0.1189 - Buffer Overflow
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189.
CVSS 7.8
CVE-2023-0433 WRITEUP HIGH WRITEUP
Vim < 9.0.1225 - Heap Buffer Overflow
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.
CVSS 7.8
CVE-2023-0512 WRITEUP HIGH WRITEUP
Vim < 9.0.1247 - Divide By Zero
Divide By Zero in GitHub repository vim/vim prior to 9.0.1247.
CVSS 7.8
CVE-2023-1127 WRITEUP HIGH WRITEUP
Vim < 9.0.1367 - Divide By Zero
Divide By Zero in GitHub repository vim/vim prior to 9.0.1367.
CVSS 7.8
CVE-2023-1170 WRITEUP MEDIUM WRITEUP
Vim < 9.0.1376 - Heap Buffer Overflow
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376.
CVSS 6.6
CVE-2023-1175 WRITEUP MEDIUM WRITEUP
vim <9.0.1378 - Buffer Overflow
Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378.
CVSS 6.6
CVE-2023-1264 WRITEUP MEDIUM WRITEUP
Vim < 9.0.1392 - NULL Pointer Dereference
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392.
CVSS 5.5
CVE-2023-1355 WRITEUP MEDIUM WRITEUP
Vim < 9.0.1402 - NULL Pointer Dereference
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1402.
CVSS 5.5
CVE-2023-2426 WRITEUP MEDIUM WRITEUP
vim/vim <9.0.1499 - Memory Corruption
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499.
CVSS 5.5
CVE-2023-2609 WRITEUP MEDIUM WRITEUP
vim/vim <9.0.1531 - NULL Pointer Dereference
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531.
CVSS 5.5
CVE-2023-2610 WRITEUP HIGH WRITEUP
vim/vim <9.0.1532 - Buffer Overflow
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532.
CVSS 7.8
CVE-2023-41036 WRITEUP HIGH WRITEUP
Macvim <178 - Privilege Escalation
Macvim is a text editor for MacOS. Prior to version 178, Macvim makes use of an insecure interprocess communication (IPC) mechanism which could lead to a privilege escalation. Distributed objects are a concept introduced by Apple which allow one program to vend an interface to another program. What is not made clear in the documentation is that this service can vend this interface to any other program on the machine. The impact of exploitation is a privilege escalation to root - this is likely to affect anyone who is not careful about the software they download and use MacVim to edit files that would require root privileges. Version 178 contains a fix for this issue.
CVSS 7.8