Max CVSS 9.3 Min CVSS 4.6 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-20807 4.6
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
01-09-2022 - 15:14 28-05-2020 - 14:15
CVE-2019-12735 9.3
getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
13-06-2019 - 21:29 05-06-2019 - 14:29
CVE-2016-1248 6.8
vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.
28-07-2017 - 01:29 23-11-2016 - 15:59
Back to Top Mark selected
Back to Top