Download
| Alert*
CVE-2023-46246
Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at ... CVE-2023-2610 Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532. CVE-2023-5441 NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. CVE-2023-4781 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873. CVE-2023-4735 Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. CVE-2023-4736 Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833. CVE-2023-4738 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848. CVE-2023-4733 Use After Free in GitHub repository vim/vim prior to 9.0.1840. CVE-2023-4734 Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846. CVE-2023-4750 Use After Free in GitHub repository vim/vim prior to 9.0.1857. CVE-2023-4752 Use After Free in GitHub repository vim/vim prior to 9.0.1858. CVE-2023-48706 Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive `:s` call causes free-ing of memory which may late ... CVE-2023-48231 Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit `25aabc2b` which has been included in release version 9.0 ... CVE-2023-5344 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969. |