CVE-2024-45306
- EPSS 0.3%
- Veröffentlicht 02.09.2024 18:15:36
- Zuletzt bearbeitet 21.11.2024 09:37:39
Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the...
CVE-2024-43802
- EPSS 0.3%
- Veröffentlicht 26.08.2024 19:15:07
- Zuletzt bearbeitet 15.04.2026 00:35:42
Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left in the buffer to handle the next characters. So t...
CVE-2024-43790
- EPSS 0.31%
- Veröffentlicht 22.08.2024 22:15:05
- Zuletzt bearbeitet 18.08.2025 17:08:16
Vim is an open source command line text editor. When performing a search and displaying the search-count message is disabled (:set shm+=S), the search pattern is displayed at the bottom of the screen in a buffer (msgbuf). When right-left mode (:set r...
CVE-2024-43374
- EPSS 0.35%
- Veröffentlicht 16.08.2024 02:15:17
- Zuletzt bearbeitet 09.06.2026 18:28:22
The UNIX editor Vim prior to version 9.1.0678 has a use-after-free error in argument list handling. When adding a new file to the argument list, this triggers `Buf*` autocommands. If in such an autocommand the buffer that was just opened is closed (i...
CVE-2024-41957
- EPSS 0.36%
- Veröffentlicht 01.08.2024 22:15:29
- Zuletzt bearbeitet 04.11.2025 17:16:02
Vim is an open source command line text editor. Vim < v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will...
CVE-2024-41965
- EPSS 0.29%
- Veröffentlicht 01.08.2024 22:15:29
- Zuletzt bearbeitet 21.11.2024 09:33:21
Vim is an open source command line text editor. double-free in dialog_changed() in Vim < v9.1.0648. When abandoning a buffer, Vim may ask the user what to do with the modified buffer. If the user wants the changed buffer to be saved, Vim may create a...
CVE-2024-22667
- EPSS 0.56%
- Veröffentlicht 05.02.2024 08:15:44
- Zuletzt bearbeitet 04.11.2025 22:15:58
Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.
CVE-2023-48706
- EPSS 0.44%
- Veröffentlicht 22.11.2023 22:15:08
- Zuletzt bearbeitet 23.06.2026 18:17:35
Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive ...
CVE-2023-48234
- EPSS 0.75%
- Veröffentlicht 16.11.2023 23:15:09
- Zuletzt bearbeitet 23.06.2026 18:17:34
Vim is an open source command line text editor. When getting the count for a normal mode z command, it may overflow for large counts given. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has ...
CVE-2023-48235
- EPSS 0.75%
- Veröffentlicht 16.11.2023 23:15:09
- Zuletzt bearbeitet 23.06.2026 18:17:34
Vim is an open source command line text editor. When parsing relative ex addresses one may unintentionally cause an overflow. Ironically this happens in the existing overflow check, because the line number becomes negative and LONG_MAX - lnum will ca...