Shodan
Vulnerabilities
Vulnerable Software
Vim:  >> Vim  >> 7.0.002  Security Vulnerabilities
CVE-2023-48233
Vim is an open source command line text editor. If the count after the :s command is larger than what fits into a (signed) long variable, abort with e_value_too_large. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `ac6378773` which has been included in release version 9.0.2108. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Score
2.8
EPSS Score
0.001
Published
2023-11-16
CVE-2023-46246
Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This vulnerability has been patched in version 9.0.2068.
CVSS Score
4.0
EPSS Score
0.0
Published
2023-10-27
CVE-2023-5535
Use After Free in GitHub repository vim/vim prior to v9.0.2010.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-10-11
CVE-2023-5441
NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960.
CVSS Score
6.2
EPSS Score
0.0
Published
2023-10-05
CVE-2023-5344
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969.
CVSS Score
4.0
EPSS Score
0.001
Published
2023-10-02
CVE-2023-4781
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-09-05
CVE-2023-4750
Use After Free in GitHub repository vim/vim prior to 9.0.1857.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-09-04
CVE-2023-4752
Use After Free in GitHub repository vim/vim prior to 9.0.1858.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-09-04
CVE-2023-4733
Use After Free in GitHub repository vim/vim prior to 9.0.1840.
CVSS Score
7.3
EPSS Score
0.0
Published
2023-09-04
CVE-2023-4751
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-09-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved