📦 Vim
by Vim
🔍 What is Vim?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
A buffer overflow vulnerability in VIM versions 8.1.2135 allows remote attackers to execute arbitrary code by exploiting the operand parameter. This affects users who open malicious files with vulnera...
CVE-2022-0318 is a heap-based buffer overflow vulnerability in Vim text editor versions prior to 8.2. This allows attackers to execute arbitrary code by tricking users into opening specially crafted f...
This CVE describes an uncontrolled search path vulnerability in Vim on Windows that allows arbitrary code execution. When Vim runs external commands via :grep, :!, or :make, it searches the current wo...
This CVE describes a use-after-free vulnerability in Vim's tuple reference management when processing nested tuples in Vim script. An attacker could exploit this to cause memory corruption, potentiall...
This vulnerability in Vim's tar.vim plugin allows arbitrary shell command execution when opening specially crafted tar archives. Attackers can exploit this by tricking users into opening malicious tar...
CVE-2024-22667 is a stack-based buffer overflow vulnerability in Vim's map.c file where the did_set_langmap function uses sprintf to write to an error buffer, potentially allowing arbitrary code execu...
CVE-2023-5344 is a heap-based buffer overflow vulnerability in Vim text editor versions prior to 9.0.1969. Attackers can exploit this by tricking users into opening specially crafted files, potentiall...
CVE-2023-4750 is a use-after-free vulnerability in Vim text editor that could allow an attacker to execute arbitrary code by tricking a user into opening a specially crafted file. This affects all use...
CVE-2023-4751 is a heap-based buffer overflow vulnerability in Vim text editor versions prior to 9.0.1331. Attackers can exploit this by tricking users into opening specially crafted files, potentiall...
CVE-2023-4736 is an untrusted search path vulnerability in Vim that allows attackers to execute arbitrary code by placing malicious files in directories that Vim searches. This affects users running v...
An integer overflow vulnerability in Vim before version 9.0.1846 allows attackers to cause a denial of service or potentially execute arbitrary code by opening specially crafted files. This affects al...
This vulnerability is a divide-by-zero error in Vim text editor versions 9.0.1367-1 through 9.0.1367-3. It allows attackers to crash Vim by opening specially crafted files, potentially leading to deni...
CVE-2023-1127 is a divide-by-zero vulnerability in Vim text editor that can cause a crash or potentially allow arbitrary code execution when processing specially crafted files. This affects users runn...
CVE-2022-2522 is a heap-based buffer overflow vulnerability in Vim text editor versions prior to 9.0.0061. Attackers can exploit this by tricking users into opening specially crafted files, potentiall...
This CVE describes a Use After Free vulnerability in Vim text editor versions prior to 9.0.0046. Attackers can exploit this memory corruption flaw by tricking users into opening specially crafted file...
CVE-2022-2210 is an out-of-bounds write vulnerability in Vim text editor versions prior to 8.2. This allows attackers to execute arbitrary code by tricking users into opening specially crafted files. ...
CVE-2022-2207 is a heap-based buffer overflow vulnerability in Vim text editor versions prior to 8.2. This allows attackers to execute arbitrary code by tricking users into opening specially crafted f...
CVE-2022-2206 is an out-of-bounds read vulnerability in Vim text editor versions prior to 8.2. This allows attackers to read sensitive memory contents, potentially exposing passwords, keys, or other c...
CVE-2022-2182 is a heap-based buffer overflow vulnerability in Vim text editor versions prior to 8.2. This allows attackers to execute arbitrary code by tricking users into opening specially crafted f...
CVE-2022-2175 is a buffer over-read vulnerability in Vim text editor versions prior to 8.2. This allows attackers to read memory beyond allocated buffers, potentially exposing sensitive information. A...
CVE-2022-2129 is an out-of-bounds write vulnerability in Vim text editor versions prior to 8.2. This allows attackers to execute arbitrary code by tricking users into opening specially crafted files. ...
CVE-2022-2125 is a heap-based buffer overflow vulnerability in Vim text editor versions prior to 8.2. This allows attackers to execute arbitrary code by tricking users into opening specially crafted f...
CVE-2022-2124 is a buffer over-read vulnerability in Vim text editor that allows reading beyond allocated memory boundaries. This affects users running Vim versions prior to 8.2.4961, potentially lead...
CVE-2022-2042 is a use-after-free vulnerability in Vim text editor versions prior to 8.2. This memory corruption flaw could allow attackers to execute arbitrary code or cause denial of service by tric...
CVE-2022-2000 is an out-of-bounds write vulnerability in Vim text editor versions prior to 8.2. This allows attackers to execute arbitrary code by tricking users into opening specially crafted files. ...
CVE-2022-1968 is a use-after-free vulnerability in Vim text editor versions prior to 8.2. This allows attackers to execute arbitrary code by tricking users into opening specially crafted files. Anyone...
CVE-2022-1897 is an out-of-bounds write vulnerability in Vim text editor versions prior to 8.2. This allows attackers to execute arbitrary code by tricking users into opening specially crafted files. ...
CVE-2022-1898 is a use-after-free vulnerability in Vim text editor that allows attackers to execute arbitrary code by tricking users into opening specially crafted files. This affects all users runnin...
CVE-2022-1735 is a classic buffer overflow vulnerability in Vim text editor versions prior to 8.2.4969. Attackers can exploit this by tricking users into opening specially crafted files, potentially a...
CVE-2022-1733 is a heap-based buffer overflow vulnerability in Vim text editor versions prior to 8.2.4968. Attackers can exploit this by tricking users into opening specially crafted files, potentiall...
CVE-2022-1629 is a buffer over-read vulnerability in Vim's find_next_quote function that could allow attackers to crash the application, modify memory, or potentially execute arbitrary code. This affe...
CVE-2022-1619 is a heap-based buffer overflow vulnerability in Vim's command-line editing function that could allow attackers to crash the application, modify memory, or potentially execute arbitrary ...
CVE-2022-1616 is a use-after-free vulnerability in Vim's append_command function that allows attackers to crash the application, bypass memory protections, modify memory, and potentially achieve remot...
CVE-2022-1381 is a heap buffer overflow vulnerability in Vim's skip_range function that allows attackers to crash the application, bypass memory protections, modify memory, and potentially execute arb...
CVE-2022-1154 is a use-after-free vulnerability in Vim's utf_ptr2char function that could allow an attacker to execute arbitrary code or cause a denial of service. Users who open specially crafted fil...
CVE-2022-0943 is a heap-based buffer overflow vulnerability in Vim text editor versions prior to 8.2.4563. Attackers can exploit this by tricking users into opening specially crafted files, potentiall...
CVE-2022-0729 is a use-after-free vulnerability in Vim's memory handling that allows an attacker to execute arbitrary code by tricking a user into opening a specially crafted file. This affects all us...
CVE-2022-0685 is a memory corruption vulnerability in Vim text editor caused by an out-of-range pointer offset. Attackers can exploit this by tricking users into opening specially crafted files, poten...
CVE-2022-0629 is a stack-based buffer overflow vulnerability in Vim text editor versions prior to 8.2. This allows attackers to execute arbitrary code by tricking users into opening specially crafted ...
CVE-2022-0443 is a use-after-free vulnerability in Vim text editor versions prior to 8.2. This memory corruption flaw could allow attackers to execute arbitrary code or cause denial of service by tric...
CVE-2022-0417 is a heap-based buffer overflow vulnerability in Vim text editor versions prior to 8.2. This allows attackers to execute arbitrary code by tricking users into opening specially crafted f...
CVE-2022-0408 is a stack-based buffer overflow vulnerability in Vim text editor that allows attackers to execute arbitrary code by tricking users into opening specially crafted files. This affects all...
A stack buffer overflow vulnerability in Vim's NetBeans integration allows remote code execution when processing malicious specialKeys commands. This affects Vim builds with NetBeans feature enabled, ...
A heap buffer overflow vulnerability in Vim's tag file resolution logic allows attackers to execute arbitrary code or crash the application by exploiting the 'helpfile' option. This affects all users ...
A buffer overflow vulnerability in vim's xxd component allows local attackers to execute arbitrary code or cause denial of service. The flaw exists in the main function of src/xxd/xxd.c and affects vi...
A path traversal vulnerability in Vim's tar.vim plugin allows specially crafted tar archives to overwrite arbitrary files when opened. This affects Vim users who open untrusted tar archives, requiring...
Vim versions before 9.1.1198 contain a vulnerability in zip.vim that could cause data loss when users view specially crafted zip files and press 'x' on unusual filenames. This affects users who open z...
CVE-2025-22134 is a heap-buffer overflow vulnerability in Vim that occurs when switching buffers using the :all command while visual mode is active. This allows attackers to potentially execute arbitr...
A heap buffer overflow vulnerability in Vim text editor occurs when cursor position becomes invalid and points beyond line boundaries, potentially causing program crashes. This affects all users runni...
CVE-2024-43374 is a use-after-free vulnerability in Vim's argument list handling that can cause the editor to crash. It affects users running Vim versions prior to 9.1.0678 who manually create unusual...
This CVE describes a double-free vulnerability in Vim's dialog_changed() function that occurs when abandoning an unnamed modified buffer. The vulnerability can lead to heap corruption, crashes, and po...
CVE-2022-2598 is an out-of-bounds write vulnerability in Vim's API that could allow arbitrary code execution when processing specially crafted input. This affects users running Vim versions prior to 9...