vim is vulnerable to Heap-based Buffer Overflow

vim is vulnerable to Use After Free

vim is vulnerable to Heap-based Buffer Overflow

vim is vulnerable to Heap-based Buffer Overflow

VSCodeVim before 1.19.0 allows attackers to execute arbitrary code via a crafted workspace configuration.

JetBrains IdeaVim before version 0.58 might have caused an information leak in limited circumstances.

In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).

The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.

The JetBrains Vim plugin before version 0.52 was storing individual project data in the global vim_settings.xml file. This xml file could be synchronized to a publicly accessible GitHub repository.

getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.