Download
| Alert*
oval:org.secpod.oval:def:602681
vim is installed oval:org.secpod.oval:def:116733 vim subpackages are installed oval:org.secpod.oval:def:2000822 VIM version 8.0.1187 ignores umask when creating a swap file resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary. oval:org.secpod.oval:def:1800192 vim is installed oval:org.secpod.oval:def:55330 getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim. oval:org.secpod.oval:def:504765 Vim is an updated and improved version of the vi editor. Security Fix: * vim: users can execute arbitrary OS commands via scripting interfaces in the rvim restricted mode For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, ... oval:org.secpod.oval:def:70112 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:89003189 This update for vim fixes the following issue: Security issue fixed: - CVE-2019-12735: Fixed a potential arbitrary code execution vulnerability in getchar.c . oval:org.secpod.oval:def:89002894 This update for vim fixes the following issues: - CVE-2019-20807: Fixed an issue where escaping from the restrictive mode of vim was possible using interfaces . oval:org.secpod.oval:def:89003345 This update for vim fixes the following issues: Security issue fixed: - CVE-2019-12735: Fixed a potential arbitrary code execution vulnerability in getchar.c . oval:org.secpod.oval:def:89002896 This update for vim fixes the following issues: - CVE-2019-20807: Fixed an issue where escaping from the restrictive mode of vim was possible using interfaces . oval:org.secpod.oval:def:62225 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:67960 Vim is an updated and improved version of the vi editor. Security Fix: * vim: users can execute arbitrary OS commands via scripting interfaces in the rvim restricted mode For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, ... oval:org.secpod.oval:def:125878 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:1801470 getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim. oval:org.secpod.oval:def:603949 The update for vim released as DSA 4467-1 introduced a regression which broke syntax highlighting in some circumstances. Updated vim packages are now available to correct this issue. oval:org.secpod.oval:def:603947 User Arminius discovered a vulnerability in Vim, an enhanced version of the standard UNIX editor Vi . The Common vulnerabilities and exposures project identifies the following problem: Editors typically provide a way to embed editor configuration commands which are executed once a file is opened, w ... oval:org.secpod.oval:def:1900198 Vim 8.0 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted source file.NOTE: there might be a limited number of scenarios in which this has security relevance. oval:org.secpod.oval:def:2000455 libvterm through 0+bzr726, as used in Vim and other products, ... oval:org.secpod.oval:def:503171 Vim is an updated and improved version of the vi editor. Security Fix: * vim/neovim: ":source!" command allows arbitrary command execution via modelines For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE p ... oval:org.secpod.oval:def:55530 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:1502652 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:705012 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:1902050 Modelines allow arbitrary code execution by opening a specially crafted text file oval:org.secpod.oval:def:89000676 This update for vim fixes the following issues: - CVE-2019-20807: Fixed an issue where escaping from the restrictive mode of vim was possible using interfaces . oval:org.secpod.oval:def:2500155 Vim is an updated and improved version of the vi editor. oval:org.secpod.oval:def:19500199 Divide By Zero in GitHub repository vim/vim prior to 9.0.1367 oval:org.secpod.oval:def:19500166 A heap-based buffer overflow vulnerability was found in GitHub repository vim/vim prior to 9.0.1376 in Vim's utf_ptr2char function of the src/mbyte.c file. This flaw occurs because there is access to invalid memory with put in visual block mode. An attacker can trick a user into opening a specially ... oval:org.secpod.oval:def:1701225 Divide By Zero in GitHub repository vim/vim prior to 9.0.1367 oval:org.secpod.oval:def:125724 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:89048797 This update for vim fixes the following issues: Updated to version 9.0 with patch level 1443, fixes the following security problems * CVE-2023-1264: Fixed NULL Pointer Dereference . * CVE-2023-1355: Fixed NULL Pointer Dereference . * CVE-2023-1127: Fixed divide by zero in scrolldown . oval:org.secpod.oval:def:1701921 NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. Use After Free in GitHub repository vim/vim prior to v9.0.2010 oval:org.secpod.oval:def:19500498 NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. Use After Free in GitHub repository vim/vim prior to v9.0.2010 oval:org.secpod.oval:def:19500501 Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function 'ga_grow_inner' in in the file 'src/alloc.c' at line 748, which is freed in the file 'src/ex_docmd.c' in the function 'do_cmdline' at line 1010 and then used again in 'src/cmdhist.c' at ... oval:org.secpod.oval:def:1701935 Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at ... oval:org.secpod.oval:def:1701989 Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit `25aabc2b` which has been included in release version 9.0 ... oval:org.secpod.oval:def:96504 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:19500515 Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit '25aabc2b' which has been included in release version 9.0 ... oval:org.secpod.oval:def:126897 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:126898 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:89048593 This update for vim fixes the following issues: * CVE-2023-0512: Fixed a divide By Zero . * CVE-2023-1175: vim: an incorrect calculation of buffer size . * CVE-2023-1170: Fixed a heap-based Buffer Overflow . * CVE-2023-1127: Fixed divide by zero in scrolldown . Updated to version 9.0 with patch leve ... oval:org.secpod.oval:def:507551 Vim is an updated and improved version of the vi editor. Security Fix: * vim: no check if the return value of XChangeGC is NULL For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the Referen ... oval:org.secpod.oval:def:125239 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:89048542 This update for vim fixes the following issues: * CVE-2023-0512: Fixed a divide By Zero . * CVE-2023-1175: vim: an incorrect calculation of buffer size . * CVE-2023-1170: Fixed a heap-based Buffer Overflow . * CVE-2023-1127: Fixed divide by zero in scrolldown . Updated to version 9.0 with patch leve ... oval:org.secpod.oval:def:1702032 Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive `:s` call causes free-ing of memory which may late ... oval:org.secpod.oval:def:19500562 Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive `:s` call causes free-ing of memory which may late ... oval:org.secpod.oval:def:1701824 vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service via the ex_buffer_all method. Use After Free in GitHub repository vim/vim prior to 9.0.1840. Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846. Out-of-bounds Write i ... oval:org.secpod.oval:def:89049809 This update for vim fixes the following issues: Security fixes: * CVE-2023-4733: Fixed use-after-free in function buflist_altfpos . * CVE-2023-4734: Fixed segmentation fault in function f_fullcommand . * CVE-2023-4735: Fixed out of bounds write in ops.c . * CVE-2023-4738: Fixed heap buffer overflow ... oval:org.secpod.oval:def:89049817 This update for vim fixes the following issues: Security fixes: * CVE-2023-4733: Fixed use-after-free in function buflist_altfpos . * CVE-2023-4734: Fixed segmentation fault in function f_fullcommand . * CVE-2023-4735: Fixed out of bounds write in ops.c . * CVE-2023-4738: Fixed heap buffer overflow ... oval:org.secpod.oval:def:126125 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:19500432 Use After Free in GitHub repository vim/vim prior to 9.0.1840. Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846. Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848. Use After Free ... oval:org.secpod.oval:def:19500228 NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532 oval:org.secpod.oval:def:89049319 This update for vim fixes the following issues: Updated to version 9.0 with patch level 1572. * CVE-2023-2426: Fixed Out-of-range Pointer Offset use . * CVE-2023-2609: Fixed NULL Pointer Dereference . * CVE-2023-2610: Fixed nteger Overflow or Wraparound . * CVE-2023-1264: Fixed NULL Pointer Derefere ... oval:org.secpod.oval:def:91758 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:89049345 This update for vim fixes the following issues: Updated to version 9.0 with patch level 1572. * CVE-2023-2426: Fixed Out-of-range Pointer Offset use . * CVE-2023-2609: Fixed NULL Pointer Dereference . * CVE-2023-2610: Fixed nteger Overflow or Wraparound . oval:org.secpod.oval:def:708232 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:89049248 This update for vim fixes the following issues: * CVE-2023-2426: Fixed out-of-range pointer offset . * CVE-2023-2609: Fixed NULL pointer dereference . * CVE-2023-2610: Fixed integer overflow or wraparound . oval:org.secpod.oval:def:91502 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:90539 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:3300326 SUSE Security Update: Security update for vim oval:org.secpod.oval:def:19500068 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. Use After Free in GitHub repository vim/vim prior to 9.0.0490. Use After Free in GitHub repository vim/vim prior to 9.0.0530. NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552. Stack-based Buffer Overflo ... oval:org.secpod.oval:def:55459 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:89046037 This update for vim fixes the following issues: - CVE-2022-0318: Fixed heap-based buffer overflow . - CVE-2021-3796: Fixed use-after-free in nv_replace in normal.c . - CVE-2021-3872: Fixed heap-based buffer overflow in win_redr_status drawscreen.c . - CVE-2021-3927: Fixed heap-based buffer overflow ... oval:org.secpod.oval:def:1701146 Use After Free in GitHub repository vim/vim prior to 9.0.0882. Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143 oval:org.secpod.oval:def:1800900 vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow. Reference Patch oval:org.secpod.oval:def:2000323 fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor"s primary group , which allows local users to obtain sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned by root:shadow mode 0640, but /etc/.shadow.swp owned b ... oval:org.secpod.oval:def:92535 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:1900870 fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor"s primary group , which allows local users to obtain sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned by root:shadow mode 0640, but /etc/.shadow.swp owned b ... oval:org.secpod.oval:def:89045291 This update for vim fixes the following security issues: - Fixed CVE-2016-1248, an arbitrary command execution vulnerability oval:org.secpod.oval:def:86353 Vim is an updated and improved version of the vi editor. Security Fix: * vim: heap-based buffer overflow in win_redr_status in drawscreen.c * vim: illegal memory access in find_start_brace in cindent.c when C-indenting * vim: heap-based buffer overflow in find_help_tags in help.c * vim: use-afte ... oval:org.secpod.oval:def:1900352 vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow. oval:org.secpod.oval:def:92530 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:4500932 Vim is an updated and improved version of the vi editor. Security Fix: * vim: use after free in utf_ptr2char oval:org.secpod.oval:def:1505222 [8.0.1763-16.0.1] - - Remove upstream references [Orabug: 31197557] [2:8.0.1763-16] - 2004974 - CVE-2021-3796 vim: use-after-free in nv_replace in normal.c [rhel-8.5.0] - 2004891 - CVE-2021-3778 vim: heap-based buffer overflow in utf_ptr2char in mbyte.c [rhel-8.5.0] oval:org.secpod.oval:def:3300686 SUSE Security Update: Security update for vim oval:org.secpod.oval:def:602680 Florian Larysch and Bram Moolenaar discovered that vim, an enhanced vi editor, does not properly validate values for the the "filetype", "syntax" and "keymap" options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened. oval:org.secpod.oval:def:1800916 A vulnerability was found in Vim which would allow arbitrary shell commands to be run if a user opened a file with a malicious modeline. This is due to lack of validation of values for a few options. Those options" values are then used in Vim"s scripts to build a command string that"s evaluated by : ... oval:org.secpod.oval:def:89410 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:70113 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:70114 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:75921 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:4500056 Vim is an updated and improved version of the vi editor. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in ... oval:org.secpod.oval:def:124316 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:51676 vim: Vi IMproved - enhanced vi editor Vim could be made run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:89409 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:124159 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:1700794 vim is vulnerable to Heap-based Buffer Overflow A flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well a ... oval:org.secpod.oval:def:2500355 Vim is an updated and improved version of the vi editor. oval:org.secpod.oval:def:89048198 This update for vim fixes the following issues: - Updated to version 9.0.1234: - CVE-2023-0433: Fixed an out of bounds memory access that could cause a crash . - CVE-2023-0288: Fixed an out of bounds memory access that could cause a crash . - CVE-2023-0054: Fixed an out of bounds memory write that c ... oval:org.secpod.oval:def:89048197 This update for vim fixes the following issues: - Updated to version 9.0.1234: - CVE-2023-0433: Fixed an out of bounds memory access that could cause a crash . - CVE-2023-0288: Fixed an out of bounds memory access that could cause a crash . - CVE-2023-0054: Fixed an out of bounds memory write that c ... oval:org.secpod.oval:def:1900452 An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when read ing a corrupted undo file, which may lead to resultant buffer overflows. oval:org.secpod.oval:def:75918 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:124162 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:121170 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:708373 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:55531 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:1800191 vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.. oval:org.secpod.oval:def:120882 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:121578 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:89045234 This update for vim fixes the following security issues: - Fixed CVE-2016-1248 an arbitrary command execution vulnerability This update for vim fixes the following issues: - Fix build with Python 3.5 oval:org.secpod.oval:def:86927 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:95074 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:703368 vim: Vi IMproved - enhanced vi editor Vim could be made run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:1701199 A heap buffer overflow vulnerability was found in vim's ins_compl_infercase_gettext function of the src/insexpand.c file. This flaw occurs when vim tries to access uninitialized memory when completing a long line. This flaw allows an attacker to trick a user into opening a specially crafted file, tr ... oval:org.secpod.oval:def:2500583 Vim is an updated and improved version of the vi editor. oval:org.secpod.oval:def:1900382 An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when read ing a corrupted undo file, which may lead to resultant buffer overflows. oval:org.secpod.oval:def:602774 Editor spell files passed to the vim editor may result in an integer overflow in memory allocation and a resulting buffer overflow which potentially could result in the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:2500602 Vim is an updated and improved version of the vi editor. oval:org.secpod.oval:def:89393 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:121149 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:62227 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:62226 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:1701067 A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to add ... oval:org.secpod.oval:def:89048084 This update for vim fixes the following issues: Updated to version 9.0.1040: - CVE-2022-3491: vim: Heap-based Buffer Overflow prior to 9.0.0742 . - CVE-2022-3520: vim: Heap-based Buffer Overflow . - CVE-2022-3591: vim: Use After Free . - CVE-2022-4292: vim: Use After Free in GitHub repository vim/vi ... oval:org.secpod.oval:def:122519 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:124947 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:121396 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:124302 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:3300507 SUSE Security Update: Security update for vim oval:org.secpod.oval:def:2500547 Vim is an updated and improved version of the vi editor. oval:org.secpod.oval:def:120946 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:78164 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:708341 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:78167 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:94964 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:89044747 This update for vim fixes the following issues: Security issues fixed: - CVE-2017-5953: Fixed a possible overflow with corrupted spell file - CVE-2017-6350: Fixed a possible overflow when reading a corrupted undo file - CVE-2017-6349: Fixed a possible overflow when reading a corrupted undo file N ... oval:org.secpod.oval:def:1700756 A flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. A use-after-free vulnerab ... oval:org.secpod.oval:def:4500889 Vim is an updated and improved version of the vi editor. Security Fix: * vim: Heap-based buffer overflow in block_insert in src/ops.c * vim: Heap-based buffer overflow in utf_head_off in mbyte.c * vim: Heap-based buffer overflow in init_ccline in ex_getln.c * vim: Illegal memory access when copy ... oval:org.secpod.oval:def:3301200 SUSE Security Update: Security update for vim oval:org.secpod.oval:def:89047582 This update for vim fixes the following issues: - CVE-2022-0318: Fixed heap-based buffer overflow . - CVE-2021-3796: Fixed use-after-free in nv_replace in normal.c . - CVE-2021-3872: Fixed heap-based buffer overflow in win_redr_status drawscreen.c . - CVE-2021-3927: Fixed heap-based buffer overflow ... oval:org.secpod.oval:def:88478 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:1800309 vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow. Reference: Patch: oval:org.secpod.oval:def:707884 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:88502 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:89051183 This update for vim fixes the following issues: * CVE-2023-5344: Heap-based Buffer Overflow in vim prior to 9.0.1969 * CVE-2023-5441: segfault in exmode when redrawing * CVE-2023-5535: use-after-free from buf_contents_changed * CVE-2023-46246: Integer Overflow in :history command oval:org.secpod.oval:def:19500455 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969 oval:org.secpod.oval:def:3301591 Security update for vim oval:org.secpod.oval:def:95076 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:126271 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:1701856 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969 oval:org.secpod.oval:def:89051165 This update for vim fixes the following issues: Updated to version 9.0 with patch level 2103, fixes the following security problems * CVE-2023-5344: vim: Heap-based Buffer Overflow in vim prior to 9.0.1969 * CVE-2023-5441: vim: segfault in exmode when redrawing * CVE-2023-5535: vim: use-after-free ... oval:org.secpod.oval:def:89051168 This update for vim fixes the following issues: * CVE-2023-5344: Heap-based Buffer Overflow in vim prior to 9.0.1969 * CVE-2023-5441: segfault in exmode when redrawing * CVE-2023-5535: use-after-free from buf_contents_changed * CVE-2023-46246: Integer Overflow in :history command oval:org.secpod.oval:def:94973 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:3301552 Security update for vim oval:org.secpod.oval:def:126304 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:1601515 It was found that vim was vulnerable to use-after-free flaw in the way it was treating allocated lines in user functions. A specially crafted file could crash the vim process or possibly lead to other undefined behaviors. It was found that vim was vulnerable to a 1 byte heap based out of bounds read ... oval:org.secpod.oval:def:2600094 Vim is an updated and improved version of the vi editor. oval:org.secpod.oval:def:121866 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:89047403 This update for vim fixes the following issues: - CVE-2017-17087: Fixed information leak via .swp files . - CVE-2021-3875: Fixed heap-based buffer overflow . - CVE-2021-3903: Fixed heap-based buffer overflow . - CVE-2021-3968: Fixed heap-based buffer overflow . - CVE-2021-3973: Fixed heap-based buff ... oval:org.secpod.oval:def:3300693 SUSE Security Update: Security update for vim oval:org.secpod.oval:def:2600028 Vim is an updated and improved version of the vi editor. oval:org.secpod.oval:def:5800135 Vim is an updated and improved version of the vi editor. Security Fix: * vim: Out-of-bounds Write * vim: out-of-bounds write in vim_regsub_both in regexp.c * vim: buffer over-read in utf_ptr2char in mbyte.c For more details about the security issue, including the impact, a CVSS score, acknowledg ... oval:org.secpod.oval:def:708277 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:89580 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:122285 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:122201 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:89579 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:19500168 A flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. vim is vulnerable to Heap ... oval:org.secpod.oval:def:122411 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:122137 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:89047026 This update for vim fixes the following issues: Updated to version 9.0 with patch level 0313: - CVE-2022-2183: Fixed out-of-bounds read through get_lisp_indent . - CVE-2022-2182: Fixed heap-based buffer overflow through parse_cmd_address . - CVE-2022-2175: Fixed buffer over-read through cmdline_inse ... oval:org.secpod.oval:def:1506449 [8.2.2637-20.0.1] - Remove upstream references [Orabug: 31197557] [2:8.2.2637-20] - CVE-2022-47024 vim: no check if the return value of XChangeGC is NULL [2:8.2.2637-19] - CVE-2022-1785 vim: Out-of-bounds Write - CVE-2022-1897 vim: out-of-bounds write in vim_regsub_both in regexp.c - CVE-2022-1927 v ... oval:org.secpod.oval:def:708096 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:122424 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:122428 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:1505880 [8.2.2637-16.0.1] - - Remove upstream references [Orabug: 31197557] [2:8.2.2637-16.2] - CVE-2022-1621 vim: heap buffer overflow - CVE-2022-1629 vim: buffer over-read [2:8.2.2637-16.1] - CVE-2022-0554 vim: Use of Out-of-range Pointer Offset in vim prior - CVE-2022-0943 vim: Heap-based Buffer Overflow ... oval:org.secpod.oval:def:91754 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:96805 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:96804 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:91470 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:121703 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:122351 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:89048081 This update for vim fixes the following issues: Updated to version 9.0.0814: * Fixing bsc#1192478 VUL-1: CVE-2021-3928: vim: vim is vulnerable to Stack-based Buffer Overflow * Fixing bsc#1203508 VUL-0: CVE-2022-3234: vim: Heap-based Buffer Overflow prior to 9.0.0483. * Fixing bsc#1203509 VUL-1: CVE- ... oval:org.secpod.oval:def:121704 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:96505 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:96503 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:3301160 SUSE Security Update: Security update for vim oval:org.secpod.oval:def:122174 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:122183 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:122189 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:708831 vim: Vi IMproved - enhanced vi editor Vim could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:127170 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:127172 VIM is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. oval:org.secpod.oval:def:89051607 This update for vim fixes the following issues: * CVE-2023-48231: Fixed Use-After-Free in win_close . * CVE-2023-48232: Fixed Floating point Exception in adjust_plines_for_skipcol . * CVE-2023-48233: Fixed overflow with count for :s command . * CVE-2023-48234: Fixed overflow in nv_z_get_count . * CV ... oval:org.secpod.oval:def:99543 vim: Vi IMproved - enhanced vi editor Vim could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:89051758 This update for vim fixes the following issues: Updated to version 9.1.0111, fixes the following security problems * CVE-2023-48231: Use-After-Free in win_close . * CVE-2023-48232: Floating point Exception in adjust_plines_for_skipcol . * CVE-2023-48233: overflow with count for :s command . * CVE-20 ... oval:org.secpod.oval:def:89051648 This update for vim fixes the following issues: * CVE-2023-48231: Fixed Use-After-Free in win_close . * CVE-2023-48232: Fixed Floating point Exception in adjust_plines_for_skipcol . * CVE-2023-48233: Fixed overflow with count for :s command . * CVE-2023-48234: Fixed overflow in nv_z_get_count . * CV ... |