vim (SUSE:Linux Enterprise Server for SAP Applications 12 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server for SAP Applications 12 SP2 package vim, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (6)
CVE-2017-5953 — CVSS 9.8 (critical): vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer…
CVE-2017-6349 — CVSS 9.8 (critical): An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate…
CVE-2017-6350 — CVSS 9.8 (critical): An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly…
CVE-2019-12735 — CVSS 8.6 (high): getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command…
CVE-2016-1248 — CVSS 7.8 (high): vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the…
CVE-2019-20807 — CVSS 5.3 (medium): In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g…