Risk | High |
Patch available | YES |
Number of vulnerabilities | 94 |
CVE-ID | CVE-2021-3770 CVE-2021-3778 CVE-2021-3796 CVE-2021-3872 CVE-2021-3875 CVE-2021-3927 CVE-2021-3928 CVE-2021-3968 CVE-2021-3973 CVE-2021-3974 CVE-2021-3984 CVE-2021-4019 CVE-2021-4069 CVE-2021-4136 CVE-2021-4166 CVE-2021-4173 CVE-2021-4187 CVE-2021-4192 CVE-2021-4193 CVE-2021-46059 CVE-2022-0128 CVE-2022-0156 CVE-2022-0158 CVE-2022-0213 CVE-2022-0261 CVE-2022-0318 CVE-2022-0319 CVE-2022-0351 CVE-2022-0359 CVE-2022-0361 CVE-2022-0368 CVE-2022-0392 CVE-2022-0393 CVE-2022-0407 CVE-2022-0408 CVE-2022-0413 CVE-2022-0417 CVE-2022-0443 CVE-2022-0554 CVE-2022-0629 CVE-2022-0685 CVE-2022-0714 CVE-2022-0729 CVE-2022-0943 CVE-2022-1154 CVE-2022-1160 CVE-2022-1381 CVE-2022-1420 CVE-2022-1616 CVE-2022-1619 CVE-2022-1620 CVE-2022-1621 CVE-2022-1629 CVE-2022-1674 CVE-2022-1720 CVE-2022-1733 CVE-2022-1735 CVE-2022-1769 CVE-2022-1771 CVE-2022-1785 CVE-2022-1796 CVE-2022-1851 CVE-2022-1886 CVE-2022-1897 CVE-2022-1898 CVE-2022-1927 CVE-2022-1942 CVE-2022-1968 CVE-2022-2000 CVE-2022-2042 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 CVE-2022-2129 CVE-2022-2175 CVE-2022-2182 CVE-2022-2183 CVE-2022-2206 CVE-2022-2207 CVE-2022-2208 CVE-2022-2210 CVE-2022-2231 CVE-2022-2257 CVE-2022-2264 CVE-2022-2284 CVE-2022-2285 CVE-2022-2286 CVE-2022-2287 CVE-2022-2288 CVE-2022-2289 CVE-2022-2304 CVE-2022-2343 CVE-2022-2344 CVE-2022-2345 |
CWE-ID | CWE-787 CWE-122 CWE-416 CWE-457 CWE-125 CWE-415 CWE-476 CWE-119 CWE-121 CWE-823 CWE-120 CWE-190 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Gentoo Linux Operating systems & Components / Operating system app-editors/vim-core Operating systems & Components / Operating system package or component app-editors/vim Operating systems & Components / Operating system package or component app-editors/gvim Operating systems & Components / Operating system package or component |
Vendor | Gentoo |
Security Bulletin
This security bulletin contains information about 94 vulnerabilities.
EUVDB-ID: #VU63062
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3770
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63063
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3778
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63065
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3796
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a use-after-free error. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63059
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3872
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63066
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3875
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63057
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3927
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63052
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3928
CWE-ID:
CWE-457 - Use of Uninitialized Variable
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to parsing uninitialized variable. A remote attacker can trick a victim to open a specially crafted file and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63047
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3968
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63051
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3973
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63058
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3974
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a use-after-free error. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63049
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3984
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63048
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-4019
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60795
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-4069
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60794
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-4136
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60793
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-4166
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and crash the application.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60792
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-4173
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger double free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60791
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-4187
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger double free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60790
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-4192
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60789
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-4193
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and crash the application.
Update the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU61332
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-46059
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the vim_regexec_multi() function in regexp.c in Vim. A remote attacker can trick the victim to open a specially crafted file and perform a denial of service (DoS) attack.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60788
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0128
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and crash the application.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60766
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0156
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when processing lines inside files. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60767
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0158
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing lines that start with the "$" character. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60768
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0213
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing files. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60769
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0261
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60770
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0318
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60787
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0319
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60771
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0351
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60772
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0359
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60786
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0361
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when copying lines in Visual mode. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60785
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0368
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60783
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0392
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60784
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0393
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to a boundary condition when recording and using Select mode . A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and crash the application.
Update the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60782
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0407
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60781
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0408
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when looking for spell suggestions. A remote unauthenticated attacker can trick the victim to open a specially crafted file, trigger a stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60780
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0413
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when using freed memory when substitute with function call . A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60779
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0417
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file and crash the application.
Update the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60778
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0443
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when using freed memory with :lopen and :bwipe . A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60777
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0554
CWE-ID:
CWE-823 - Use of Out-of-range Pointer Offset
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to a boundary error when reading files. A remote attacker can trick the victim to open a specially crafted file and crash the application.
Update the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60775
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0629
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when using many composing characters in error message. A remote unauthenticated attacker can trick the victim to open a specially crafted file, trigger a stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60774
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0685
CWE-ID:
CWE-823 - Use of Out-of-range Pointer Offset
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to improper input validation when processing special multi-byte characters. A remote attacker can trick the victim to open a specially crafted file and crash the application.
Update the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60796
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0714
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62025
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0729
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62026
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0943
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU61763
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1154
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the utf_ptr2char() function in regexp_bt.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62360
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1160
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the get_one_sourceline() function. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63045
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1381
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63044
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1420
CWE-ID:
CWE-823 - Use of Out-of-range Pointer Offset
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause a denial of service on the target application.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a use of out-of-range pointer offset and crash the application.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63042
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1616
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62875
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1619
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing data in the cmdline_erase_chars() function in ex_getln.c. A remote attacker can trick the victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62876
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1620
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the vim_regexec_string() function in regexp.c. A remote attacker can trick the victim to open a specially crafted file, trigger NULL pointer dereference error and crash the application.
Update the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63041
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1621
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63490
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1629
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to a boundary condition in find_next_quote() function. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error, perform a denial of service attack, modify memory, and execute arbitrary code.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63491
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1674
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trick the victim to open a specially crafted file and perform a denial of service attack.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64714
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1720
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in normal.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63492
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1733
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in skip_string() function. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63489
Risk: Medium
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1735
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in utfc_ptr2len() function. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63647
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1769
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in get_one_sourceline() function. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63488
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1771
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to a boundary error when providing certain input. A remote attacker can trigger stack-based buffer overflow and perform a denial of service attack.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63487
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1785
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code
The vulnerability exists due to a boundary error when processing untrusted input in vim_regsub_both() function. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63485
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1796
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a use-after-free error. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64505
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1851
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to illegal memory access and leads to an out-of-bounds read vulnerability in the gchar_cursor() function. A local attacker can trick the victim into opening a specially crafted file, leading to a system crash or code execution.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64722
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1886
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in register.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64506
Risk: Low
CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1897
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary code on the system.
The vulnerability exists due to Illegal memory access and leads to an out-of-bounds write vulnerability in the vim_regsub_both() function. A local attacker can trick the victim into opening a specially crafted file, leading to a system crash or code execution.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64509
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1898
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary code on the system.
The vulnerability exists due to Illegal memory access and leads to a use-after-free vulnerability in the find_pattern_in_path() function. A local attacker can trick the victim into opening a specially crafted file, leading to a system crash or code execution.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64508
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1927
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary code on the system.
The vulnerability exists due to Illegal memory access and leads to a buffer over-read vulnerability in the utf_ptr2char() function. A local attacker can trick the victim into opening a specially crafted file, trigger out-of-bounds read error and execute arbitrary code on the system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64721
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1942
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in buffer.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64720
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1968
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in search.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64719
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2000
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in ex_docmd.c. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64706
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2042
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in spell.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64718
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2124
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in textobject.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64717
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2125
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in indent.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64716
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2126
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in spellsuggest.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64715
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2129
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in ex_docmd.c. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64713
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2175
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in ex_getln.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64712
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2182
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in ex_docmd.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64711
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2183
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in indent.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64710
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2206
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in term.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64709
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2207
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in edit.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64708
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2208
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in diff.c. A remote attacker can perform a denial of service (DoS) attack.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64707
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2210
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in diff.c. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65416
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2231
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in skipwhite() function at charset.c:1428. A remote attacker can trick the victim into opening a specially crafted file to perform a denial of service (DoS) attack.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65415
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2257
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in msg_outtrans_special() function at message.c:1716. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65414
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2264
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim into opening a specially crafted data, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65412
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2284
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in utfc_ptr2len() function at mbyte.c:2113. A remote attacker can trick the victim into opening a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65411
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2285
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in del_typebuf() function at getchar.c:1204. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65409
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2286
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in ins_bytes() function at change.c:968. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65408
Risk: High
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2287
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in suggest_trie_walk() function abusing array byts in line spellsuggest.c:1925. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65406
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2288
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to a boundary error in parse_command_modifiers() function at ex_docmd.c:3123. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65399
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2289
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in ex_diffgetput() function at diff.c:2790. A remote attacker can trick the victim into opening a specially crafted file and compromise vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65395
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2304
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in spell_dump_compl() function at spell.c:4038. A remote unauthenticated attacker can trick the victim into opening a specially crafted file to trigger stack-based buffer overflow and execute arbitrary code on the target system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65420
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2343
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in ins_compl_add() function at insexpand.c:751. A remote attacker can trick the victim into opening a specially crafted data, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65418
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2344
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in ins_compl_add() function at insexpand.c:751. A remote attacker can trick the victim into opening a specially crafted data, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65394
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2345
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in function skipwhite at charset.c:1428. A remote attacker can trick the victim to open a specially crafted file and compromise vulnerable system.
MitigationUpdate the affected packages.
app-editors/gvim to version: 9.0.0060
app-editors/vim to version: 9.0.0060
app-editors/vim-core to version: 9.0.0060
Gentoo Linux: All versions
app-editors/vim-core: before 9.0.0060
app-editors/vim: before 9.0.0060
app-editors/gvim: before 9.0.0060
External linkshttp://security.gentoo.org/glsa/202208-32
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.