This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
30866e6c-3c6d-11dd-98c9-00163e000016 | vim -- Vim Shell Command Injection Vulnerabilities Rdancer.org reports:
Discovery 2008-06-16 Entry 2008-06-21 vim vim-console vim-lite vim-ruby vim6 vim6-ruby gt 6 le 6.4.10 gt 7 lt 7.1.315 CVE-2008-2712 http://www.rdancer.org/vulnerablevim.html |
1ed03222-3c65-11dc-b3d3-0016179b2dd5 | vim -- Command Format String Vulnerability A Secunia Advisory reports:
Discovery 2007-07-27 Entry 2007-07-27 vim vim-console vim-lite vim-ruby vim6 vim6-ruby < 7.1.39 CVE-2007-2953 http://secunia.com/advisories/25941/ |
81f127a8-0038-11da-86bc-000e0c2e438a | vim -- vulnerabilities in modeline handling: glob, expand Georgi Guninski discovered a way to construct Vim modelines that execute arbitrary shell commands. The vulnerability can be exploited by including shell commands in modelines that call the glob() or expand() functions. An attacker could trick an user to read or edit a trojaned file with modelines enabled, after which the attacker is able to execute arbitrary commands with the privileges of the user. Note: It is generally recommended that VIM
users use Discovery 2005-07-25 Entry 2005-07-31 vim vim-console vim-lite vim+ruby ge 6.3 lt 6.3.82 14374 CVE-2005-2368 http://www.guninski.com/where_do_you_want_billg_to_go_today_5.html |
bd9fc2bf-5ffe-11d9-a11a-000a95bc6fae | vim -- vulnerabilities in modeline handling Ciaran McCreesh discovered news ways in which a VIM modeline can be used to trojan a text file. The patch by Bram Moolenaar reads:
Note: It is generally recommended that VIM
users use Discovery 2004-12-09 Entry 2005-01-06 Modified 2005-01-13 vim vim-console vim-lite vim+ruby < 6.3.45 CVE-2004-1138 ftp://ftp.vim.org/pub/vim/patches/6.3/6.3.045 http://groups.yahoo.com/group/vimdev/message/38084 |
c11629d3-c8ad-11e6-ae1b-002590263bf5 | vim -- arbitrary command execution Mitre reports:
Discovery 2016-11-22 Entry 2016-12-23 vim vim-console vim-lite < 8.0.0056 neovim < 0.1.7 CVE-2016-1248 94478 https://github.com/vim/vim/commit/d0b5138ba4bccff8a744c99836041ef6322ed39a https://github.com/neovim/neovim/commit/4fad66fbe637818b6b3d6bc5d21923ba72795040 |
bbdb9713-8e09-11e9-87bc-002590acae31 | Vim/NeoVim -- Security vulnerability Security releases for Vim/NeoVim:
Discovery 2019-05-22 Entry 2019-06-13 vim vim-console vim-tiny < 8.1.1365 neovim < 0.3.6 https://nvd.nist.gov/vuln/detail/CVE-2019-12735 |