Vulnerabilities > VIM > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-06-20 CVE-2020-20703 Classic Buffer Overflow vulnerability in VIM 8.1.2135
Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter.
network
low complexity
vim CWE-120
critical
9.8
2022-12-02 CVE-2022-3520 Unspecified vulnerability in VIM
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.
network
low complexity
vim
critical
9.8
2022-01-21 CVE-2022-0318 Out-of-bounds Write vulnerability in multiple products
Heap-based Buffer Overflow in vim/vim prior to 8.2.
network
low complexity
vim apple debian CWE-787
critical
9.8
2017-02-27 CVE-2017-6350 Integer Overflow or Wraparound vulnerability in VIM
An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
network
low complexity
vim CWE-190
critical
9.8
2017-02-27 CVE-2017-6349 Integer Overflow or Wraparound vulnerability in VIM
An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
network
low complexity
vim CWE-190
critical
9.8
2017-02-10 CVE-2017-5953 Integer Overflow or Wraparound vulnerability in VIM
vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.
network
low complexity
vim CWE-190
critical
9.8