Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Vim — Vulnerabilities & Security Advisories 203

Browse all 203 CVE security advisories affecting Vim. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Vim is a widely used, open-source text editor primarily designed for efficient code editing and system administration tasks across Unix-like operating systems. Despite its utility, the software has accumulated approximately 200 Common Vulnerabilities and Exposures (CVEs), reflecting its complex codebase and long history. Historically, these security flaws have predominantly involved remote code execution (RCE) and buffer overflow vulnerabilities, often triggered by malformed files or specific command-line arguments. While cross-site scripting is irrelevant to its terminal-based nature, privilege escalation risks have occasionally arisen through improper file permission handling or setuid configurations. Notable incidents include critical RCE flaws in the ex command interpreter and memory corruption issues within the clipboard handling subsystem. These vulnerabilities underscore the importance of keeping the editor updated, as attackers frequently exploit parsing errors to gain unauthorized system access or execute arbitrary code within the user’s environment.

Top products by Vim: vim/vim vim
CVE IDTitleCVSSSeverityPublished
CVE-2022-2208 NULL Pointer Dereference in vim/vim — vim/vimCWE-476 5.5 -2022-06-27
CVE-2022-2210 Out-of-bounds Write in vim/vim — vim/vimCWE-787 7.8 -2022-06-27
CVE-2022-2206 Out-of-bounds Read in vim/vim — vim/vimCWE-125 7.8 -2022-06-26
CVE-2022-2175 Buffer Over-read in vim/vim — vim/vimCWE-126 7.8 -2022-06-23
CVE-2022-2182 Heap-based Buffer Overflow in vim/vim — vim/vimCWE-122 7.8 -2022-06-23
CVE-2022-2183 Out-of-bounds Read in vim/vim — vim/vimCWE-125 7.8 -2022-06-23
CVE-2022-2124 Buffer Over-read in vim/vim — vim/vimCWE-126 7.8 -2022-06-19
CVE-2022-2125 Heap-based Buffer Overflow in vim/vim — vim/vimCWE-122 7.8 -2022-06-19
CVE-2022-2126 Out-of-bounds Read in vim/vim — vim/vimCWE-125 7.8 -2022-06-19
CVE-2022-2129 Out-of-bounds Write in vim/vim — vim/vimCWE-787 7.8 -2022-06-19
CVE-2022-2042 Use After Free in vim/vim — vim/vimCWE-416 7.8 -2022-06-10
CVE-2022-2000 Out-of-bounds Write in vim/vim — vim/vimCWE-787 7.8 -2022-06-07
CVE-2022-1968 Use After Free in vim/vim — vim/vimCWE-416 7.8 -2022-06-02
CVE-2022-1942 Heap-based Buffer Overflow in vim/vim — vim/vimCWE-122 7.8 -2022-05-31
CVE-2022-1927 Buffer Over-read in vim/vim — vim/vimCWE-126 7.8 -2022-05-29
CVE-2022-1897 Out-of-bounds Write in vim/vim — vim/vimCWE-787 7.8 -2022-05-27
CVE-2022-1898 Use After Free in vim/vim — vim/vimCWE-416 7.8 -2022-05-27
CVE-2022-1886 Heap-based Buffer Overflow in vim/vim — vim/vimCWE-122 7.8 -2022-05-26
CVE-2022-1851 Out-of-bounds Read in vim/vim — vim/vimCWE-125 7.8 -2022-05-25
CVE-2022-1785 Out-of-bounds Write in vim/vim — vim/vimCWE-787 7.8 -2022-05-19
CVE-2022-1796 Use After Free in vim/vim — vim/vimCWE-416 7.8 -2022-05-19
CVE-2022-1771 Uncontrolled Recursion in vim/vim — vim/vimCWE-674 5.5 -2022-05-18
CVE-2022-1733 Heap-based Buffer Overflow in vim/vim — vim/vimCWE-122 7.8 -2022-05-17
CVE-2022-1735 Classic Buffer Overflow in vim/vim — vim/vimCWE-120 7.8 -2022-05-17
CVE-2022-1769 Buffer Over-read in vim/vim — vim/vimCWE-126 7.8 -2022-05-17
CVE-2022-1720 Buffer Over-read in function grab_file_name in vim/vim — vim/vimCWE-126 7.8 -2022-05-16
CVE-2022-1725 NULL Pointer Dereference in vim/vim — vim/vimCWE-476 5.5 -2022-05-16
CVE-2022-1674 NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in vim/vim — vim/vimCWE-476 6.2 -2022-05-12
CVE-2022-1629 Buffer Over-read in function find_next_quote in vim/vim — vim/vimCWE-126 7.8 -2022-05-10
CVE-2022-1621 Heap buffer overflow in vim_strncpy find_word in vim/vim — vim/vimCWE-122 7.8 -2022-05-09

This page lists every published CVE security advisory associated with Vim. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.