Divide By Zero in GitHub repository vim/vim prior to 9.0.1247.

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched.

  - vim: buffer overflow (CVE-2020-20703)

  - vim: Heap based buffer overflow in findfile.c (CVE-2021-3973)

  - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3927, CVE-2021-3968, CVE-2021-4136,     CVE-2022-0213)

Note that Nessus has not tested for these issues but has instead relied on the package manager's report that the package is installed.

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched.

  - vim: buffer overflow (CVE-2020-20703)

  - vim: use-after-free in skipwhite() in charset.c (CVE-2022-2345)

  - libvterm through 0+bzr726, as used in Vim and other products, mishandles certain out-of-memory conditions,     leading to a denial of service (application crash), related to screen.c, state.c, and vterm.c.
    (CVE-2018-20786)

Note that Nessus has not tested for these issues but has instead relied on the package manager's report that the package is installed.

This plugin has been deprecated as it does not adhere to established standards for this style of check.

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-030318ca00 advisory.

    Security fixes for CVE-2023-1175, CVE-2023-1170, CVE-2023-1264, CVE-2023-0512, CVE-2023-1355

    ----

    The newest upstream patchlevel 1367

    Security fix for CVE-2023-1127


Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.7.5. It is, therefore, affected by multiple vulnerabilities:

  - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 8.6,     tvOS 15.5, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel     privileges. (CVE-2022-26702)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. (CVE-2023-0433)

  - Divide By Zero in GitHub repository vim/vim prior to 9.0.1247. (CVE-2023-0512)

  - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura     13.3, macOS Monterey 12.6.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, macOS Big Sur 11.7.5. An     app may be able to execute arbitrary code with kernel privileges. (CVE-2023-23514)

  - This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and     iPadOS 16.4, macOS Big Sur 11.7.5. An app may be able to gain root privileges. (CVE-2023-23525)

  - The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and     iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. A user may gain access     to protected parts of the file system. (CVE-2023-23527)

  - The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Big Sur     11.7.5. Processing a maliciously crafted image may result in disclosure of process memory.
    (CVE-2023-23534)

  - The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, iOS 16.4     and iPadOS 16.4, macOS Big Sur 11.7.5, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.6, tvOS 16.4,     watchOS 9.4. Processing a maliciously crafted image may result in disclosure of process memory.
    (CVE-2023-23535)

  - The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4     and iPadOS 16.4, macOS Big Sur 11.7.5, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, tvOS 16.4,     watchOS 9.4. An app may be able to execute arbitrary code with kernel privileges. (CVE-2023-23536)

  - A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in     macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, watchOS 9.4, macOS Big Sur     11.7.5. An app may be able to read sensitive location information. (CVE-2023-23537)

  - The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.8 and iPadOS     15.7.8, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5. An app may be able to     execute arbitrary code with kernel privileges. (CVE-2023-23540)

  - A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in     macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to access user-     sensitive data. (CVE-2023-23542)

  - A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in     macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4, macOS     Big Sur 11.7.5. An app may be able to access information about a user's contacts. (CVE-2023-27928)

  - The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, macOS     Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected app termination or     arbitrary code execution. (CVE-2023-27935)

  - An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS     Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be     able to cause unexpected system termination or write kernel memory. (CVE-2023-27936)

  - An integer overflow was addressed with improved input validation. This issue is fixed in macOS Ventura     13.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4.
    Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution.
    (CVE-2023-27937)

  - A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura     13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to     disclose kernel memory. (CVE-2023-27941, CVE-2023-28200)

  - The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and     iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. An app may be able to     access user-sensitive data. (CVE-2023-27942)

  - This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, macOS Monterey     12.6.4, macOS Big Sur 11.7.5. An app may be able to break out of its sandbox. (CVE-2023-27944)

  - An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura     13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. Processing a maliciously     crafted file may lead to unexpected app termination or arbitrary code execution. (CVE-2023-27946)

  - The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey     12.6.4, macOS Big Sur 11.7.5. An archive may be able to bypass Gatekeeper. (CVE-2023-27951)

  - The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS     Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system termination or     corrupt kernel memory. (CVE-2023-27953, CVE-2023-27958)

  - The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and     iPadOS 16.4, macOS Monterey 12.6.4, tvOS 16.4, macOS Big Sur 11.7.5. An app may be able to read arbitrary     files. (CVE-2023-27955)

  - Multiple validation issues were addressed with improved input sanitization. This issue is fixed in macOS     Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, watchOS 9.4,     macOS Big Sur 11.7.5. Importing a maliciously crafted calendar invitation may exfiltrate user information.
    (CVE-2023-27961)

  - A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS     Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to modify protected parts of the file system.
    (CVE-2023-27962)

  - The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3, iOS 16.4     and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A user in a     privileged network position may be able to spoof a VPN server that is configured with EAP-only     authentication on a device. (CVE-2023-28182)

  - An integer overflow was addressed through improved input validation. This issue is fixed in tvOS 16.4,     macOS Big Sur 11.7.5, iOS 16.4 and iPadOS 16.4, watchOS 9.4, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS     15.7.4. An app may be able to cause a denial-of-service. (CVE-2023-28185)

  - The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey     12.6.4, macOS Big Sur 11.7.5. An app may be able to view sensitive information. (CVE-2023-28189)

  - A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3,     macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to read sensitive location information.
    (CVE-2023-28192)

  - An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura     13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. An app may be able to access user-sensitive data.
    (CVE-2023-28197)

  - An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with     improved input validation. This issue is fixed in macOS Ventura 13.3. An app may be able to disclose     kernel memory. (CVE-2023-28199)

  - An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS     Big Sur 11.7.5, macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey     12.6.4. Processing a font file may lead to arbitrary code execution. (CVE-2023-32366)

  - A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura     13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. An app may be able to execute arbitrary code with     kernel privileges. (CVE-2023-32378)

  - This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.4, macOS Big Sur     11.7.5, macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. A sandboxed process may be able to circumvent     sandbox restrictions. (CVE-2023-40398)

  - A type confusion issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5,     macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4. An app     may be able to execute arbitrary code with kernel privileges. (CVE-2023-41075)

Note that Nessus has not tested for these issues but has instead relied only on the operating system's self-reported version number.

The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.6.4. It is, therefore, affected by multiple vulnerabilities:

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. (CVE-2023-0433)

  - Divide By Zero in GitHub repository vim/vim prior to 9.0.1247. (CVE-2023-0512)

  - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura     13.3, macOS Monterey 12.6.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, macOS Big Sur 11.7.5. An     app may be able to execute arbitrary code with kernel privileges. (CVE-2023-23514)

  - The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and     iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. A user may gain access     to protected parts of the file system. (CVE-2023-23527)

  - A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS     Monterey 12.6.4. An app may be able to modify protected parts of the file system. (CVE-2023-23533,     CVE-2023-23538)

  - The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4     and iPadOS 16.4, macOS Big Sur 11.7.5, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, tvOS 16.4,     watchOS 9.4. An app may be able to execute arbitrary code with kernel privileges. (CVE-2023-23536)

  - A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in     macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, watchOS 9.4, macOS Big Sur     11.7.5. An app may be able to read sensitive location information. (CVE-2023-23537)

  - The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.8 and iPadOS     15.7.8, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5. An app may be able to     execute arbitrary code with kernel privileges. (CVE-2023-23540)

  - A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in     macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to access user-     sensitive data. (CVE-2023-23542)

  - The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, iOS 16.4     and iPadOS 16.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. An app with root privileges may be able to     execute arbitrary code with kernel privileges. (CVE-2023-27933)

  - A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3, macOS Monterey     12.6.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution.
    (CVE-2023-27934)

  - The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, macOS     Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected app termination or     arbitrary code execution. (CVE-2023-27935)

  - An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS     Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be     able to cause unexpected system termination or write kernel memory. (CVE-2023-27936)

  - An integer overflow was addressed with improved input validation. This issue is fixed in macOS Ventura     13.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4.
    Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution.
    (CVE-2023-27937)

  - A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura     13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to     disclose kernel memory. (CVE-2023-27941, CVE-2023-28200)

  - The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and     iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. An app may be able to     access user-sensitive data. (CVE-2023-27942)

  - This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, macOS Monterey     12.6.4, macOS Big Sur 11.7.5. An app may be able to break out of its sandbox. (CVE-2023-27944)

  - An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura     13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. Processing a maliciously     crafted file may lead to unexpected app termination or arbitrary code execution. (CVE-2023-27946)

  - An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura     13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4. Processing a maliciously crafted file may lead     to unexpected app termination or arbitrary code execution. (CVE-2023-27949)

  - The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey     12.6.4, macOS Big Sur 11.7.5. An archive may be able to bypass Gatekeeper. (CVE-2023-27951)

  - The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS     Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system termination or     corrupt kernel memory. (CVE-2023-27953, CVE-2023-27958)

  - The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and     iPadOS 16.4, macOS Monterey 12.6.4, tvOS 16.4, macOS Big Sur 11.7.5. An app may be able to read arbitrary     files. (CVE-2023-27955)

  - Multiple validation issues were addressed with improved input sanitization. This issue is fixed in macOS     Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, watchOS 9.4,     macOS Big Sur 11.7.5. Importing a maliciously crafted calendar invitation may exfiltrate user information.
    (CVE-2023-27961)

  - A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS     Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to modify protected parts of the file system.
    (CVE-2023-27962)

  - The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.3, iOS     16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. A     shortcut may be able to use sensitive data with certain actions without prompting the user.
    (CVE-2023-27963)

  - A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3, iOS 16.4     and iPadOS 16.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. An app may be able to bypass Privacy     preferences. (CVE-2023-28178)

  - The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, iOS 16.4     and iPadOS 16.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.4, macOS Big Sur 11.7.7, tvOS 16.4,     watchOS 9.4. An app may be able to execute arbitrary code with kernel privileges. (CVE-2023-28181)

  - The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3, iOS 16.4     and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A user in a     privileged network position may be able to spoof a VPN server that is configured with EAP-only     authentication on a device. (CVE-2023-28182)

  - An integer overflow was addressed through improved input validation. This issue is fixed in tvOS 16.4,     macOS Big Sur 11.7.5, iOS 16.4 and iPadOS 16.4, watchOS 9.4, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS     15.7.4. An app may be able to cause a denial-of-service. (CVE-2023-28185)

  - The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey     12.6.4, macOS Big Sur 11.7.5. An app may be able to view sensitive information. (CVE-2023-28189)

  - A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3,     macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to read sensitive location information.
    (CVE-2023-28192)

  - An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura     13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. An app may be able to access user-sensitive data.
    (CVE-2023-28197)

  - An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with     improved input validation. This issue is fixed in macOS Ventura 13.3. An app may be able to disclose     kernel memory. (CVE-2023-28199)

  - An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS     Big Sur 11.7.5, macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey     12.6.4. Processing a font file may lead to arbitrary code execution. (CVE-2023-32366)

  - A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura     13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. An app may be able to execute arbitrary code with     kernel privileges. (CVE-2023-32378)

  - This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.4, macOS Big Sur     11.7.5, macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. A sandboxed process may be able to circumvent     sandbox restrictions. (CVE-2023-40398)

  - A type confusion issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5,     macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4. An app     may be able to execute arbitrary code with kernel privileges. (CVE-2023-41075)

Note that Nessus has not tested for these issues but has instead relied only on the operating system's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1703 advisory.

    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189. (CVE-2023-0288)

    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. (CVE-2023-0433)

    Divide By Zero in GitHub repository vim/vim prior to 9.0.1247. (CVE-2023-0512)

    Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. (CVE-2023-1127)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-117 advisory.

    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. (CVE-2022-3234)

    Use After Free in GitHub repository vim/vim prior to 9.0.0490. (CVE-2022-3235)

    Use After Free in GitHub repository vim/vim prior to 9.0.0530. (CVE-2022-3256)

    NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552. (CVE-2022-3278)

    Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577. (CVE-2022-3296)

    Use After Free in GitHub repository vim/vim prior to 9.0.0579. (CVE-2022-3297)

    Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598. (CVE-2022-3324)

    Use After Free in GitHub repository vim/vim prior to 9.0.0614. (CVE-2022-3352)

    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742. (CVE-2022-3491)

    A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim     8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts.
    (CVE-2022-47024)

    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144. (CVE-2023-0051)

    Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145. (CVE-2023-0054)

    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189. (CVE-2023-0288)

    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. (CVE-2023-0433)

    Divide By Zero in GitHub repository vim/vim prior to 9.0.1247. (CVE-2023-0512)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of vim installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-0512 advisory.

  - Divide By Zero in GitHub repository vim/vim prior to 9.0.1247. (CVE-2023-0512)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0760-1 advisory.

  - Divide By Zero in GitHub repository vim/vim prior to 9.0.1247. (CVE-2023-0512)

  - Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. (CVE-2023-1127)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. (CVE-2023-1170)

  - Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. (CVE-2023-1175)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0781-1 advisory.

  - Divide By Zero in GitHub repository vim/vim prior to 9.0.1247. (CVE-2023-0512)

  - Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. (CVE-2023-1127)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. (CVE-2023-1170)

  - Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. (CVE-2023-1175)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1975 advisory.

    A heap buffer overflow vulnerability was found in vim's ins_compl_infercase_gettext() function of the     src/insexpand.c file. This flaw occurs when vim tries to access uninitialized memory when completing a     long line. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering     a heap-based buffer overflow that causes an application to crash, possibly executing code and corrupting     memory. (CVE-2022-2522)

    A flaw was found in vim. The vulnerability occurs due to illegal memory access and leads to a heap buffer     overflow vulnerability. This flaw allows an attacker to input a specially crafted file, leading to a crash     or code execution. (CVE-2022-2571)

    A flaw was found in vim. The vulnerability occurs due to illegal memory access and leads to a heap buffer     overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code     execution. (CVE-2022-2580)

    A flaw was found in vim. The vulnerability occurs due to illegal memory access and leads to a heap buffer     overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code     execution. (CVE-2022-2581)

    NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224. (CVE-2022-2874)

    A heap use-after-free vulnerability was found in vim's do_tag() function of the src/tag.c file. The issue     triggers when the 'tagfunc' closes the window. This flaw allows an attacker to trick a user into opening a     specially crafted file, triggering a heap use-after-free that causes an application to crash, possibly     executing code and corrupting memory. (CVE-2022-3134)

    NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. (CVE-2022-3153)

    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. (CVE-2022-3234)

    Use After Free in GitHub repository vim/vim prior to 9.0.0490. (CVE-2022-3235)

    Use After Free in GitHub repository vim/vim prior to 9.0.0530. (CVE-2022-3256)

    NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552. (CVE-2022-3278)

    Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577. (CVE-2022-3296)

    Use After Free in GitHub repository vim/vim prior to 9.0.0579. (CVE-2022-3297)

    Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598. (CVE-2022-3324)

    Use After Free in GitHub repository vim/vim prior to 9.0.0614. (CVE-2022-3352)

    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742. (CVE-2022-3491)

    A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim     8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts.
    (CVE-2022-47024)

    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144. (CVE-2023-0051)

    Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145. (CVE-2023-0054)

    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189. (CVE-2023-0288)

    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. (CVE-2023-0433)

    Divide By Zero in GitHub repository vim/vim prior to 9.0.1247. (CVE-2023-0512)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
198539	RHEL 9 : vim (Unpatched Vulnerability)	Nessus	Red Hat Local Security Checks	critical
198465	RHEL 8 : vim (Unpatched Vulnerability)	Nessus	Red Hat Local Security Checks	critical
196374	RHEL 7 : vim (Unpatched Vulnerability) (deprecated)	Nessus	Red Hat Local Security Checks	critical
196324	RHEL 6 : vim (Unpatched Vulnerability) (deprecated)	Nessus	Red Hat Local Security Checks	critical
173752	Fedora 36 : vim (2023-030318ca00)	Nessus	Fedora Local Security Checks	high
173444	macOS 13.x < 13.3 Multiple Vulnerabilities (HT213670)	Nessus	MacOS X Local Security Checks	critical
173442	macOS 11.x < 11.7.5 Multiple Vulnerabilities (HT213675)	Nessus	MacOS X Local Security Checks	critical
173439	macOS 12.x < 12.6.4 Multiple Vulnerabilities (HT213677)	Nessus	MacOS X Local Security Checks	critical
173284	Amazon Linux AMI : vim (ALAS-2023-1703)	Nessus	Amazon Linux Local Security Checks	high
173104	Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2023-117)	Nessus	Amazon Linux Local Security Checks	high
172875	CBL Mariner 2.0 Security Update: vim (CVE-2023-0512)	Nessus	MarinerOS Local Security Checks	high
172646	SUSE SLES12 Security Update : vim (SUSE-SU-2023:0760-1)	Nessus	SuSE Local Security Checks	high
172644	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : vim (SUSE-SU-2023:0781-1)	Nessus	SuSE Local Security Checks	high
172151	Amazon Linux 2 : vim (ALAS-2023-1975)	Nessus	Amazon Linux Local Security Checks	high

Detections

Analytics

CVE-2023-0512

high

Tenable Plugins

critical

critical

critical

critical

high

critical

critical

critical

high

high

high

high

high

high