| Bug | Description |
|---|
| CVE-2019-12735 | getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote ... |
| CVE-2018-20786 | libvterm through 0+bzr726, as used in Vim and other products, mishandl ... |
| CVE-2017-6350 | An integer overflow at an unserialize_uep memory allocation site would ... |
| CVE-2017-6349 | An integer overflow at a u_read_undo memory allocation site would occu ... |
| CVE-2017-5953 | vim before patch 8.0.0322 does not properly validate values for tree l ... |
| CVE-2017-11109 | Vim 8.0 allows attackers to cause a denial of service (invalid free) o ... |
| CVE-2016-1248 | vim before patch 8.0.0056 does not properly validate values for the 'f ... |
| CVE-2010-3914 | Untrusted search path vulnerability in VIM Development Group GVim befo ... |
| CVE-2009-0316 | Untrusted search path vulnerability in src/if_python.c in the Python i ... |
| CVE-2008-6235 | The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted a ... |
| CVE-2008-4101 | Vim 3.0 through 7.x before 7.2.010 does not properly escape characters ... |
| CVE-2008-3432 | Heap-based buffer overflow in the mch_expand_wildcards function in os_ ... |
| CVE-2008-3294 | src/configure.in in Vim 5.0 through 7.1, when used for a build with Py ... |
| CVE-2008-3076 | The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted ... |
| CVE-2008-3075 | The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, al ... |
| CVE-2008-3074 | The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, al ... |
| CVE-2008-2712 | Vim 7.1.314, 6.4, and other versions allows user-assisted remote attac ... |
| CVE-2007-2953 | Format string vulnerability in the helptags_one function in src/ex_cmd ... |
| CVE-2007-2438 | The sandbox for vim allows dangerous functions such as (1) writefile, ... |
| CVE-2005-2368 | vim 6.3 before 6.3.082, with modelines enabled, allows external user-a ... |
| CVE-2005-0069 | The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local user ... |
| CVE-2004-1138 | VIM before 6.3 and gVim before 6.3 allow local users to execute arbitr ... |
| CVE-2002-1377 | vim 6.0 and 6.1, and possibly other versions, allows attackers to exec ... |