Latest Vim Vulnerabilities

Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.
Vim Vim<9.0.2142
ubuntu/vim<2:8.0.1453-1ubuntu1.13+
ubuntu/vim<2:9.0.2189-1
ubuntu/vim<2:8.1.2269-1ubuntu5.22
ubuntu/vim<2:8.2.3995-1ubuntu2.16
ubuntu/vim<2:9.0.1672-1ubuntu2.3
and 3 more
Vim has heap-use-after-free at /src/charset.c:1770:12 in skipwhite
Vim Vim<9.0.2121
ubuntu/vim<2:9.0.1672-1ubuntu2.2
ubuntu/vim<2:8.2.3995-1ubuntu2.15
ubuntu/vim<2:9.0.1000-4ubuntu3.3
ubuntu/vim<9.0.2121
debian/vim<=2:8.1.0875-5+deb10u2, <=2:8.1.0875-5+deb10u6, <=2:8.2.2434-3+deb11u1, <=2:9.0.1378-2
overflow in ex address parsing in vim
ubuntu/vim<2:8.0.1453-1ubuntu1.13+
ubuntu/vim<2:8.1.2269-1ubuntu5.21
ubuntu/vim<2:8.2.3995-1ubuntu2.15
ubuntu/vim<2:9.0.1000-4ubuntu3.3
ubuntu/vim<2:9.0.1672-1ubuntu2.2
ubuntu/vim<2:7.4.052-1ubuntu3.1+
and 6 more
overflow in shift_line in vim
ubuntu/vim<2:7.4.1689-3ubuntu1.5+
ubuntu/vim<2:8.0.1453-1ubuntu1.13+
ubuntu/vim<2:8.1.2269-1ubuntu5.21
ubuntu/vim<2:8.2.3995-1ubuntu2.15
ubuntu/vim<2:9.0.1000-4ubuntu3.3
ubuntu/vim<2:9.0.1672-1ubuntu2.2
and 6 more
Floating point Exception in adjust_plines_for_skipcol() in vim
ubuntu/vim<2:9.0.1000-4ubuntu3.3
ubuntu/vim<2:9.0.1672-1ubuntu2.2
Vim Vim<9.0.2107
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Fedoraproject Fedora=39
and 1 more
overflow with count for :s command in vim
ubuntu/vim<2:8.0.1453-1ubuntu1.13+
ubuntu/vim<2:8.1.2269-1ubuntu5.21
ubuntu/vim<2:8.2.3995-1ubuntu2.15
ubuntu/vim<2:9.0.1000-4ubuntu3.3
ubuntu/vim<2:9.0.1672-1ubuntu2.2
ubuntu/vim<2:7.4.052-1ubuntu3.1+
and 6 more
Use-After-Free in win_close() in vim
Vim Vim<9.0.2106
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Fedoraproject Fedora=39
ubuntu/vim<2:7.4.052-1ubuntu3.1+
ubuntu/vim<2:8.0.1453-1ubuntu1.13+
and 6 more
overflow in get_number in vim
ubuntu/vim<2:9.0.1672-1ubuntu2.2
ubuntu/vim<2:8.0.1453-1ubuntu1.13+
ubuntu/vim<2:8.1.2269-1ubuntu5.21
ubuntu/vim<2:8.2.3995-1ubuntu2.15
ubuntu/vim<2:9.0.1000-4ubuntu3.3
ubuntu/vim<2:7.4.052-1ubuntu3.1+
and 6 more
overflow in nv_z_get_count in vim
ubuntu/vim<2:8.0.1453-1ubuntu1.13+
ubuntu/vim<2:8.1.2269-1ubuntu5.21
ubuntu/vim<2:8.2.3995-1ubuntu2.15
ubuntu/vim<2:9.0.1000-4ubuntu3.3
ubuntu/vim<2:9.0.1672-1ubuntu2.2
ubuntu/vim<2:7.4.052-1ubuntu3.1+
and 6 more
Integer Overflow in :history command in Vim
Vim Vim<9.0.2068
ubuntu/vim<2:8.0.1453-1ubuntu1.13+
ubuntu/vim<2:8.1.2269-1ubuntu5.21
ubuntu/vim<2:8.2.3995-1ubuntu2.15
ubuntu/vim<2:9.0.1000-4ubuntu3.3
ubuntu/vim<2:9.0.1672-1ubuntu2.2
and 3 more
Use After Free in vim/vim
Vim Vim<9.0.2010
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Fedoraproject Fedora=39
ubuntu/vim<2:8.1.2269-1ubuntu5.20
ubuntu/vim<2:8.2.3995-1ubuntu2.13
and 3 more
NULL Pointer Dereference in vim/vim
Vim Vim<9.0.1994
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Fedoraproject Fedora=39
ubuntu/vim<2:8.0.1453-1ubuntu1.13+
ubuntu/vim<2:8.1.2269-1ubuntu5.20
and 6 more
Heap-based Buffer Overflow in vim/vim
Vim Vim<9.0.1969
Fedoraproject Fedora=37
Fedoraproject Fedora=38
ubuntu/vim<2:9.0.1672-1ubuntu2.1
ubuntu/vim<2:8.0.1453-1ubuntu1.13+
ubuntu/vim<2:8.1.2269-1ubuntu5.20
and 8 more
Heap-based Buffer Overflow in vim/vim
Vim Vim<9.0.1873
Debian Debian Linux=10.0
ubuntu/vim<2:9.0.1672-1ubuntu2.1
ubuntu/vim<2:8.1.2269-1ubuntu5.20
ubuntu/vim<2:8.2.3995-1ubuntu2.13
ubuntu/vim<2:9.0.1000-4ubuntu3.2
and 3 more
Use After Free in vim/vim
Vim Vim<9.0.1840
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Fedoraproject Fedora=39
ubuntu/vim<2:9.0.1672-1ubuntu2.1
ubuntu/vim<2:8.0.1453-1ubuntu1.13+
and 8 more
Use After Free in vim/vim
Vim Vim<9.0.1858
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Fedoraproject Fedora=39
Debian Debian Linux=10.0
ubuntu/vim<2:9.0.1672-1ubuntu2.1
and 6 more
Use After Free in vim/vim
Vim Vim<9.0.1857
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Fedoraproject Fedora=39
ubuntu/vim<2:9.0.1672-1ubuntu2.1
ubuntu/vim<2:8.0.1453-1ubuntu1.13+
and 8 more
Heap-based Buffer Overflow in vim/vim
Vim Vim<9.0.1331
Apple macOS=14.0
ubuntu/vim<2:8.0.1453-1ubuntu1.13+
ubuntu/vim<2:8.1.2269-1ubuntu5.20
ubuntu/vim<2:8.2.3995-1ubuntu2.13
ubuntu/vim<2:9.0.1000-4ubuntu3.2
and 4 more
Untrusted Search Path in vim/vim
Vim Vim<9.0.1833
Apple macOS=14.0
Heap-based Buffer Overflow in vim/vim
Vim Vim<9.0.1848
ubuntu/vim<2:9.0.1672-1ubuntu2.1
ubuntu/vim<2:9.0.1000-4ubuntu3.2
Apple macOS=14.0
Apple macOS Sonoma<14.1
debian/vim<=2:8.1.0875-5+deb10u2, <=2:8.1.0875-5+deb10u6, <=2:8.2.2434-3+deb11u1, <=2:9.0.1378-2
Integer Overflow or Wraparound in vim/vim
Vim Vim<9.0.1846
Apple macOS<14.1
ubuntu/vim<2:9.0.1672-1ubuntu2.1
ubuntu/vim<2:8.2.3995-1ubuntu2.13
ubuntu/vim<2:9.0.1000-4ubuntu3.2
Apple macOS Sonoma<14.1
and 1 more
Out-of-bounds Write in vim/vim
Vim Vim<9.0.1847
Apple macOS=14.1
ubuntu/vim<2:9.0.1672-1ubuntu2.1
ubuntu/vim<2:8.0.1453-1ubuntu1.13+
ubuntu/vim<2:8.1.2269-1ubuntu5.20
ubuntu/vim<2:8.2.3995-1ubuntu2.13
and 4 more
Vim 8.2.2348 is affected by a null pointer dereference that allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method.
Vim Vim=8.2.2348
Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3
Vim Vim=9.0.1367
ubuntu/vim<2:9.0.1000-4ubuntu3.2
debian/vim<=2:8.2.2434-3+deb11u1, <=2:9.0.1378-2
NULL Pointer Dereference in vim/vim
<13.5
<12.6.8
Apple macOS Big Sur<11.7.9
Vim Vim<9.0.1531
Fedoraproject Fedora=37
Integer Overflow or Wraparound in vim/vim
<13.5
<12.6.8
Apple macOS Big Sur<11.7.9
Vim Vim<9.0.1532
Use of Out-of-range Pointer Offset in vim/vim
<13.5
<12.6.8
Apple macOS Big Sur<11.7.9
Vim Vim<9.0.1499
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1402.
Vim Vim<9.0.1402
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392.
Vim Vim<9.0.1392
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378.
Vim Vim<9.0.1378
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376.
Vim Vim<9.0.1376
Divide By Zero in GitHub repository vim/vim prior to 9.0.1367.
Vim Vim<9.0.1367
Fedoraproject Fedora=37
Divide By Zero in GitHub repository vim/vim prior to 9.0.1247.
<13.3
Apple macOS Big Sur<11.7.5
<12.6.4
Vim Vim<9.0.1247
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.
Vim Vim<9.0.1225
Apple macOS Big Sur<11.7.5
A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in Vim 8.1.2269 through 9.0.0339 that allows attackers to cause denial of service or other unspecified impac...
Vim Vim>=8.1.2269<=9.0.0339
Vim. Multiple issues were addressed by updating to Vim version 9.0.1191.
Vim Vim<9.0.1189
<13.3
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145.
Vim Vim<9.0.1145
<13.3
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144.
Vim Vim<9.0.1144
<13.3
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.
Vim Vim<9.0.1143
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.
Vim Vim<9.0.0804
ubuntu/vim<2:9.0.0813-1
ubuntu/vim<2:8.1.2269-1ubuntu5.18
ubuntu/vim<2:8.2.3995-1ubuntu2.12
debian/vim<=2:8.1.0875-5+deb10u2, <=2:8.1.0875-5+deb10u6, <=2:8.2.2434-3+deb11u1
Use After Free in GitHub repository vim/vim prior to 9.0.0882.
Vim Vim<9.0.0882
NetApp ONTAP Select Deploy administration utility
ubuntu/vim<9.0.0882
ubuntu/vim<2:8.0.1453-1ubuntu1.13+
ubuntu/vim<2:8.1.2269-1ubuntu5.18
ubuntu/vim<2:8.2.3995-1ubuntu2.12
and 1 more
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742.
Vim Vim<9.0.0742
ubuntu/vim<2:9.0.0813-1
ubuntu/vim<2:8.2.3995-1ubuntu2.12
debian/vim<=2:8.1.0875-5+deb10u2, <=2:8.1.0875-5+deb10u6, <=2:8.2.2434-3+deb11u1
Use After Free in GitHub repository vim/vim prior to 9.0.0789.
Vim Vim<9.0.0789
ubuntu/vim<2:9.0.0813-1
ubuntu/vim<2:7.4.1689-3ubuntu1.5+
ubuntu/vim<2:8.0.1453-1ubuntu1.13+
ubuntu/vim<2:8.1.2269-1ubuntu5.18
ubuntu/vim<2:8.2.3995-1ubuntu2.12
and 2 more
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.
Vim Vim<9.0.0765
ubuntu/vim<2:9.0.0813-1
ubuntu/vim<2:8.1.2269-1ubuntu5.18
ubuntu/vim<2:8.2.3995-1ubuntu2.12
debian/vim<=2:8.1.0875-5+deb10u2, <=2:8.1.0875-5+deb10u6, <=2:8.2.2434-3+deb11u1
Heap-based buffer overflow in vim/vim 9.0.0946 and below, caused by allowing an attacker to use CTRL-W gf in the expression used in the RHS of the substitute command.
Vim Vim<=9.0.0946
Fedoraproject Fedora=36
Fedoraproject Fedora=37
A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads ...
Vim Vim<9.0.0805
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Debian Debian Linux=10.0
Apple iPadOS
Apple macOS Ventura<13.2
and 3 more
Use After Free in GitHub repository vim/vim prior to 9.0.0614.
Vim Vim<9.0.0614
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Debian Debian Linux=10.0
ubuntu/vim<9.0.0614
and 4 more
Vim. Multiple issues were addressed by updating Vim.
Vim Vim<8.2.4959
Apple macOS<13.0
Apple macOS Ventura<13
debian/vim<=2:8.1.0875-5+deb10u2, <=2:8.1.0875-5+deb10u6, <=2:8.2.2434-3+deb11u1
ubuntu/vim<2:8.0.1453-1ubuntu1.13+
ubuntu/vim<2:8.1.2269-1ubuntu5.21
and 5 more
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598.
Vim Vim<9.0.0598
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Debian Debian Linux=10.0
ubuntu/vim<2:7.4.1689-3ubuntu1.5+
and 6 more
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577.
Vim Vim<9.0.0577
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37

© 2024 SecAlerts Pty Ltd.