| Max CVSS | 9.3 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-17087 | 2.1 |
fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an
|
20-02-2022 - 05:58 | 01-12-2017 - 08:29 | |
| CVE-2017-11109 | 6.8 |
Vim 8.0 allows attackers to cause a denial of service (invalid free) or possibly have unspecified other impact via a crafted source (aka -S) file. NOTE: there might be a limited number of scenarios in which this has security relevance.
|
03-08-2019 - 13:15 | 08-07-2017 - 17:29 | |
| CVE-2019-12735 | 9.3 |
getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
|
13-06-2019 - 21:29 | 05-06-2019 - 14:29 |