Vim before version 8.2.3741 is vulnerable to a use after free through using freed memory in the open command.

Vim before version 8.2.3669 is vulnerable to a heap-based buffer overflow when using a long help argument.

Vim before version 8.2.3625 is vulnerable to a heap-based buffer overflow when C-indenting.

Vim before version 8.2.3612 is vulnerable to a use after free through using freed memory with regexp using a mark.

Vim before version 8.2.3611 is vulnerable to a heap-based buffer overflow when using CTRL-W f without finding a file name.

Vim before version 8.2.3610 is vulnerable to a heap-based buffer overflow when ModeChanged is triggered too early.

Vim before version 8.2.3582 is vulnerable to a heap-based buffer overflow through reading uninitialized memory when giving spell suggestions.

Vim before version 8.2.3581 is vulnerable to a heap-based buffer overflow when reading a character past the end of line.

Vim before version 8.2.3564 is vulnerable to a heap-based buffer overflow when scrolling without a valid screen.

Vim before version 8.2.3489 is vulnerable to a heap-based buffer overflow after a search with range.

Vim before version 8.2.3487 is vulnerable to a heap-based buffer overflow if a Vim buffer name is very long.

vim before version 8.2.3428 is vulnerable to a use after free when replacing.

vim before version 8.2.3409 is vulnerable to a heap-based buffer overflow when reading beyond the end of a line with an invalid UTF-8 character.

vim before version 8.2.3402 is vulnerable to a heap-based buffer overflow when using :retab with large value.

getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as...

VIM ignores umask when creating a swap file ("[ORIGINAL_FILENAME].swp") resulting in files that may be world readable or otherwise accessible in ways not...

Vim 8.0 allows attackers to cause a denial of service (invalid free) or possibly have unspecified other impact via a crafted source (aka -S) file.

It was found that vim does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory...

A vulnerability has been discovered in vim which would allow arbitrary shell commands to be run if a user opened a file with a malicious modeline. This is...