| Bug | buster | bullseye | bookworm | sid | Description |
|---|
| CVE-2022-4141 | vulnerable | vulnerable (no DSA) | vulnerable | vulnerable | Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing a ... |
| CVE-2022-3324 | fixed | vulnerable (no DSA) | fixed | fixed | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ... |
| CVE-2022-3134 | fixed | vulnerable (no DSA) | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 9.0.0389. ... |
| CVE-2022-3099 | fixed | vulnerable (no DSA) | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 9.0.0360. ... |
| CVE-2022-2304 | fixed | vulnerable (no DSA) | fixed | fixed | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ... |
| CVE-2022-2129 | fixed | vulnerable (no DSA) | fixed | fixed | Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-2000 | fixed | vulnerable (no DSA) | fixed | fixed | Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-1942 | fixed | vulnerable (no DSA) | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-1897 | fixed | vulnerable (no DSA) | fixed | fixed | Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-1785 | fixed | vulnerable (no DSA) | fixed | fixed | Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. ... |
| CVE-2022-1616 | fixed | vulnerable (no DSA) | fixed | fixed | Use after free in append_command in GitHub repository vim/vim prior to ... |
| CVE-2022-0572 | fixed | vulnerable (no DSA) | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-0417 | fixed | vulnerable (no DSA) | fixed | fixed | Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-0392 | fixed | vulnerable (no DSA) | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. ... |
| CVE-2022-0361 | fixed | vulnerable (no DSA) | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-0359 | fixed | vulnerable (no DSA) | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-0351 | fixed | vulnerable (no DSA) | fixed | fixed | Access of Memory Location Before Start of Buffer in GitHub repository ... |
| CVE-2022-0261 | fixed | vulnerable (no DSA) | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2021-4187 | fixed | vulnerable (no DSA) | fixed | fixed | vim is vulnerable to Use After Free ... |
| CVE-2021-4173 | fixed | vulnerable (no DSA) | fixed | fixed | vim is vulnerable to Use After Free ... |
| CVE-2021-4019 | fixed | vulnerable (no DSA) | fixed | fixed | vim is vulnerable to Heap-based Buffer Overflow ... |
| CVE-2021-3872 | fixed | vulnerable (no DSA) | fixed | fixed | vim is vulnerable to Heap-based Buffer Overflow ... |
| Bug | buster | bullseye | bookworm | sid | Description |
|---|
| CVE-2022-3705 | fixed | vulnerable | fixed | fixed | A vulnerability was found in vim and classified as problematic. Affect ... |
| CVE-2022-3352 | fixed | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 9.0.0614. ... |
| CVE-2022-3297 | vulnerable | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 9.0.0579. ... |
| CVE-2022-3296 | vulnerable | vulnerable | fixed | fixed | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ... |
| CVE-2022-3278 | vulnerable | vulnerable | fixed | fixed | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.055 ... |
| CVE-2022-3256 | fixed | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 9.0.0530. ... |
| CVE-2022-3235 | fixed | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 9.0.0490. ... |
| CVE-2022-3234 | fixed | vulnerable | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... |
| CVE-2022-3153 | vulnerable | vulnerable | fixed | fixed | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.040 ... |
| CVE-2022-3037 | fixed | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 9.0.0322. ... |
| CVE-2022-3016 | vulnerable | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 9.0.0286. ... |
| CVE-2022-2982 | fixed | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 9.0.0260. ... |
| CVE-2022-2980 | vulnerable | vulnerable | fixed | fixed | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.025 ... |
| CVE-2022-2946 | fixed | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 9.0.0246. ... |
| CVE-2022-2923 | vulnerable | vulnerable | fixed | fixed | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.024 ... |
| CVE-2022-2889 | vulnerable | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 9.0.0225. ... |
| CVE-2022-2874 | vulnerable | vulnerable | fixed | fixed | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.022 ... |
| CVE-2022-2862 | fixed | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 9.0.0221. ... |
| CVE-2022-2849 | vulnerable | vulnerable | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... |
| CVE-2022-2845 | vulnerable | vulnerable | fixed | fixed | Buffer Over-read in GitHub repository vim/vim prior to 9.0.0218. ... |
| CVE-2022-2819 | fixed | vulnerable | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... |
| CVE-2022-2817 | fixed | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 9.0.0213. ... |
| CVE-2022-2816 | vulnerable | vulnerable | fixed | fixed | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212. ... |
| CVE-2022-2598 | fixed | vulnerable | fixed | fixed | Undefined Behavior for Input to API in GitHub repository vim/vim prior ... |
| CVE-2022-2581 | vulnerable | vulnerable | fixed | fixed | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104. ... |
| CVE-2022-2571 | fixed | vulnerable | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... |
| CVE-2022-2522 | vulnerable | vulnerable | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... |
| CVE-2022-2345 | vulnerable | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 9.0.0046. ... |
| CVE-2022-2344 | vulnerable | vulnerable | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... |
| CVE-2022-2343 | vulnerable | vulnerable | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... |
| CVE-2022-2289 | vulnerable | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 9.0. ... |
| CVE-2022-2287 | vulnerable | vulnerable | fixed | fixed | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. ... |
| CVE-2022-2286 | vulnerable | vulnerable | fixed | fixed | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. ... |
| CVE-2022-2285 | fixed | vulnerable | fixed | fixed | Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9 ... |
| CVE-2022-2284 | vulnerable | vulnerable | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ... |
| CVE-2022-2264 | vulnerable | vulnerable | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ... |
| CVE-2022-2257 | vulnerable | vulnerable | fixed | fixed | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. ... |
| CVE-2022-2231 | vulnerable | vulnerable | fixed | fixed | NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-2210 | vulnerable | vulnerable | fixed | fixed | Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-2208 | vulnerable | vulnerable | fixed | fixed | NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.516 ... |
| CVE-2022-2207 | vulnerable | vulnerable | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-2206 | vulnerable | vulnerable | fixed | fixed | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-2183 | vulnerable | vulnerable | fixed | fixed | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-2182 | vulnerable | vulnerable | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-2175 | vulnerable | vulnerable | fixed | fixed | Buffer Over-read in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-2126 | vulnerable | vulnerable | fixed | fixed | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-2125 | vulnerable | vulnerable | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-2124 | vulnerable | vulnerable | fixed | fixed | Buffer Over-read in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-2042 | vulnerable | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-1968 | fixed | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-1927 | vulnerable | vulnerable | fixed | fixed | Buffer Over-read in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-1898 | fixed | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-1886 | vulnerable | vulnerable | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-1851 | fixed | vulnerable | fixed | fixed | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-1796 | vulnerable | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 8.2.4979. ... |
| CVE-2022-1771 | vulnerable | vulnerable | fixed | fixed | Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. ... |
| CVE-2022-1769 | vulnerable | vulnerable | fixed | fixed | Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. ... |
| CVE-2022-1735 | vulnerable | vulnerable | fixed | fixed | Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969 ... |
| CVE-2022-1733 | vulnerable | vulnerable | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4 ... |
| CVE-2022-1725 | vulnerable | vulnerable | fixed | fixed | NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.495 ... |
| CVE-2022-1720 | fixed | vulnerable | fixed | fixed | Buffer Over-read in function grab_file_name in GitHub repository vim/v ... |
| CVE-2022-1674 | vulnerable | vulnerable | fixed | fixed | NULL Pointer Dereference in function vim_regexec_string at regexp.c:27 ... |
| CVE-2022-1629 | vulnerable | vulnerable | fixed | fixed | Buffer Over-read in function find_next_quote in GitHub repository vim/ ... |
| CVE-2022-1621 | fixed | vulnerable | fixed | fixed | Heap buffer overflow in vim_strncpy find_word in GitHub repository vim ... |
| CVE-2022-1620 | vulnerable | vulnerable | fixed | fixed | NULL Pointer Dereference in function vim_regexec_string at regexp.c:27 ... |
| CVE-2022-1619 | fixed | vulnerable | fixed | fixed | Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub r ... |
| CVE-2022-1420 | fixed | vulnerable | fixed | fixed | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ... |
| CVE-2022-1154 | fixed | vulnerable | fixed | fixed | Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8 ... |
| CVE-2022-0943 | fixed | vulnerable | fixed | fixed | Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim ... |
| CVE-2022-0729 | fixed | vulnerable | fixed | fixed | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ... |
| CVE-2022-0714 | fixed | vulnerable | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4 ... |
| CVE-2022-0696 | fixed | vulnerable | fixed | fixed | NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.442 ... |
| CVE-2022-0685 | fixed | vulnerable | fixed | fixed | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ... |
| CVE-2022-0629 | fixed | vulnerable | fixed | fixed | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-0554 | fixed | vulnerable | fixed | fixed | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ... |
| CVE-2022-0443 | fixed | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-0413 | fixed | vulnerable | fixed | fixed | Use After Free in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-0408 | fixed | vulnerable | fixed | fixed | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-0407 | fixed | vulnerable | fixed | fixed | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-0393 | fixed | vulnerable | fixed | fixed | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-0368 | fixed | vulnerable | fixed | fixed | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. ... |
| CVE-2022-0319 | fixed | vulnerable | fixed | fixed | Out-of-bounds Read in vim/vim prior to 8.2. ... |
| CVE-2022-0318 | fixed | vulnerable | fixed | fixed | Heap-based Buffer Overflow in vim/vim prior to 8.2. ... |
| CVE-2022-0213 | fixed | vulnerable | fixed | fixed | vim is vulnerable to Heap-based Buffer Overflow ... |
| CVE-2022-0158 | fixed | vulnerable | fixed | fixed | vim is vulnerable to Heap-based Buffer Overflow ... |
| CVE-2022-0156 | fixed | vulnerable | fixed | fixed | vim is vulnerable to Use After Free ... |
| CVE-2021-4193 | fixed | vulnerable | fixed | fixed | vim is vulnerable to Out-of-bounds Read ... |
| CVE-2021-4192 | fixed | vulnerable | fixed | fixed | vim is vulnerable to Use After Free ... |
| CVE-2021-4166 | vulnerable | vulnerable | fixed | fixed | vim is vulnerable to Out-of-bounds Read ... |
| CVE-2021-4136 | fixed | vulnerable | fixed | fixed | vim is vulnerable to Heap-based Buffer Overflow ... |
| CVE-2021-4069 | fixed | vulnerable | fixed | fixed | vim is vulnerable to Use After Free ... |
| CVE-2021-3984 | fixed | vulnerable | fixed | fixed | vim is vulnerable to Heap-based Buffer Overflow ... |
| CVE-2021-3974 | fixed | vulnerable | fixed | fixed | vim is vulnerable to Use After Free ... |
| CVE-2021-3973 | vulnerable | vulnerable | fixed | fixed | vim is vulnerable to Heap-based Buffer Overflow ... |
| CVE-2021-3968 | fixed | vulnerable | fixed | fixed | vim is vulnerable to Heap-based Buffer Overflow ... |
| CVE-2021-3928 | fixed | vulnerable | fixed | fixed | vim is vulnerable to Use of Uninitialized Variable ... |
| CVE-2021-3927 | fixed | vulnerable | fixed | fixed | vim is vulnerable to Heap-based Buffer Overflow ... |
| CVE-2021-3903 | vulnerable | vulnerable | fixed | fixed | vim is vulnerable to Heap-based Buffer Overflow ... |
| CVE-2017-1000382 | vulnerable | vulnerable | vulnerable | vulnerable | VIM version 8.0.1187 (and other versions most likely) ignores umask wh ... |
| CVE-2008-4677 | vulnerable | vulnerable | vulnerable | vulnerable | autoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions ... |
| Bug | Description |
|---|
| CVE-2022-2580 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... |
| CVE-2022-2288 | Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. ... |
| CVE-2022-1381 | global heap buffer overflow in skip_range in GitHub repository vim/vim ... |
| CVE-2022-1160 | heap buffer overflow in get_one_sourceline in GitHub repository vim/vi ... |
| CVE-2022-0128 | vim is vulnerable to Out-of-bounds Read ... |
| CVE-2021-3875 | vim is vulnerable to Heap-based Buffer Overflow ... |
| CVE-2021-3796 | vim is vulnerable to Use After Free ... |
| CVE-2021-3778 | vim is vulnerable to Heap-based Buffer Overflow ... |
| CVE-2021-3770 | vim is vulnerable to Heap-based Buffer Overflow ... |
| CVE-2019-20807 | In Vim before 8.1.0881, users can circumvent the rvim restricted mode ... |
| CVE-2019-20079 | The autocmd feature in window.c in Vim before 8.1.2136 accesses freed ... |
| CVE-2019-12735 | getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote ... |
| CVE-2018-20786 | libvterm through 0+bzr726, as used in Vim and other products, mishandl ... |
| CVE-2017-17087 | fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp f ... |
| CVE-2017-11109 | Vim 8.0 allows attackers to cause a denial of service (invalid free) o ... |
| CVE-2017-6350 | An integer overflow at an unserialize_uep memory allocation site would ... |
| CVE-2017-6349 | An integer overflow at a u_read_undo memory allocation site would occu ... |
| CVE-2017-5953 | vim before patch 8.0.0322 does not properly validate values for tree l ... |
| CVE-2016-1248 | vim before patch 8.0.0056 does not properly validate values for the 'f ... |
| CVE-2010-3914 | Untrusted search path vulnerability in VIM Development Group GVim befo ... |
| CVE-2009-0316 | Untrusted search path vulnerability in src/if_python.c in the Python i ... |
| CVE-2008-6235 | The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted a ... |
| CVE-2008-4101 | Vim 3.0 through 7.x before 7.2.010 does not properly escape characters ... |
| CVE-2008-3432 | Heap-based buffer overflow in the mch_expand_wildcards function in os_ ... |
| CVE-2008-3294 | src/configure.in in Vim 5.0 through 7.1, when used for a build with Py ... |
| CVE-2008-3076 | The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted ... |
| CVE-2008-3075 | The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, al ... |
| CVE-2008-3074 | The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, al ... |
| CVE-2008-2712 | Vim 7.1.314, 6.4, and other versions allows user-assisted remote attac ... |
| CVE-2007-2953 | Format string vulnerability in the helptags_one function in src/ex_cmd ... |
| CVE-2007-2438 | The sandbox for vim allows dangerous functions such as (1) writefile, ... |
| CVE-2005-2368 | vim 6.3 before 6.3.082, with modelines enabled, allows external user-a ... |
| CVE-2005-0069 | The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local user ... |
| CVE-2004-1138 | VIM before 6.3 and gVim before 6.3 allow local users to execute arbitr ... |
| CVE-2002-1377 | vim 6.0 and 6.1, and possibly other versions, allows attackers to exec ... |