vim (SUSE:Linux Enterprise Module for Desktop Applications 15 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Desktop Applications 15 SP5 package vim, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (25)
CVE-2024-22667 — CVSS 7.8 (high): Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is…
CVE-2024-43374 — CVSS 4.5 (medium): The UNIX editor Vim prior to version 9.1.0678 has a use-after-free error in argument list handling. When adding a new file to the argument…
CVE-2023-46246 — CVSS 4.0 (medium): Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in…
CVE-2024-47814 — CVSS 3.9 (low): Vim is an open source, command line text editor. A use-after-free was found in Vim < 9.1.0764. When closing a buffer (visible in a window)…
CVE-2023-48231 — CVSS 3.9 (low): Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation…
CVE-2023-48232 — CVSS 3.9 (low): Vim is an open source command line text editor. A floating point exception may occur when calculating the line offset for overlong lines…
CVE-2023-48706 — CVSS 3.6 (low): Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very…
CVE-2023-48237 — CVSS 2.8 (low): Vim is an open source command line text editor. In affected versions when shifting lines in operator pending mode and using a very large…
CVE-2023-48236 — CVSS 2.8 (low): Vim is an open source command line text editor. When using the z= command, the user may overflow the count with values larger than MAX_INT…
CVE-2023-48235 — CVSS 2.8 (low): Vim is an open source command line text editor. When parsing relative ex addresses one may unintentionally cause an overflow. Ironically…
CVE-2023-48234 — CVSS 2.8 (low): Vim is an open source command line text editor. When getting the count for a normal mode z command, it may overflow for large counts given…
CVE-2023-48233 — CVSS 2.8 (low): Vim is an open source command line text editor. If the count after the :s command is larger than what fits into a (signed) long variable…