Known Vulnerabilities for Vim by Vim

Listed below are 10 of the newest known vulnerabilities associated with the software "Vim" by "Vim".

These CVEs are retrieved based on exact matches on listed software and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2021-3796 vim is vulnerable to Use After Free 7.3 - HIGH 2021-09-15 2021-10-16
CVE-2021-3778 vim is vulnerable to Heap-based Buffer Overflow 7.8 - HIGH 2021-09-15 2021-10-16
CVE-2021-3770 vim is vulnerable to Heap-based Buffer Overflow 7.8 - HIGH 2021-09-06 2021-10-01
CVE-2019-20807 In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfa... 5.3 - MEDIUM 2020-05-28 2020-10-20
CVE-2019-20079 The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory. 7.8 - HIGH 2019-12-30 2020-10-20
CVE-2019-12735 getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :so... 8.6 - HIGH 2019-06-05 2019-06-13
CVE-2017-11109 Vim 8.0 allows attackers to cause a denial of service (invalid free) or possibly have unspecified other impact via a crafted ... 7.8 - HIGH 2017-07-08 2019-08-03
CVE-2017-6350 An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not pr... 9.8 - CRITICAL 2017-02-27 2018-08-13
CVE-2017-6349 An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properl... 9.8 - CRITICAL 2017-02-27 2018-08-13
CVE-2017-5953 vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in a... 9.8 - CRITICAL 2017-02-10 2019-06-11

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationVimVim8.2.0834AllAllAll
ApplicationVimVim8.2.0833AllAllAll
ApplicationVimVim8.2.0832AllAllAll
ApplicationVimVim8.2.0831AllAllAll
ApplicationVimVim8.2.0830AllAllAll
ApplicationVimVim8.2.0829AllAllAll
ApplicationVimVim8.2.0828AllAllAll
ApplicationVimVim8.2.0827AllAllAll
ApplicationVimVim8.2.0826AllAllAll
ApplicationVimVim8.2.0825AllAllAll
ApplicationVimVim8.2.0824AllAllAll
ApplicationVimVim8.2.0823AllAllAll
ApplicationVimVim8.2.0822AllAllAll
ApplicationVimVim8.2.0821AllAllAll
ApplicationVimVim8.2.0820AllAllAll
ApplicationVimVim8.2.0819AllAllAll
ApplicationVimVim8.2.0818AllAllAll
ApplicationVimVim8.2.0817AllAllAll
ApplicationVimVim8.2.0816AllAllAll
ApplicationVimVim8.2.0815AllAllAll
Trademarks for "Vim" by "Vim" obtained from uspto.report
Mark Image Details
VIM
"VIM"
90030659
VIM
VIMaec, LLC
2020-07-01
VIM
"VIM"
5734731 87645683
VIM
VIM, INC.
2017-10-13
VIM
"VIM"
4887836 86452745
VIM
VIM Life, LLC
2014-11-12
VIM
"VIM"
2722284 76284661
VIM
Vimatix Inc.
2001-07-13
VIM
"VIM"
1461831 73595899
VIM
VIM CORPORATION
1986-04-29

Popular searches for Vim

vim/vim

github.com/vim/vim

vim/vim The official Vim repository. Contribute to GitHub.

Vim (text editor) GitHub README Text file Computer file Vi Patch (computing) Repository (version control) Software repository Microsoft Windows Unix Compiler Adobe Contribute Installation (computer programs) Linux distribution Amiga Scripting language Command-line interface Run time (program lifecycle phase) Software license

© CVE.report 2021 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report