Search CVE reports

Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch() in the cucumber filetype plugin (runtime/ftplugin/cucumber.vim) on Vim builds with +ruby support....

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave() in the netrw plugin (runtime/pack/dist/opt/netrw/autoload/netrw.vim)...

An integer underflow vulnerability was found in MIT krb5 in the berval2tl_data() function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c. The function performs an unsigned subtraction (bv_len - 2) without a prior bounds check....

(Stack-based Buffer Overflow vulnerability in Erlang OTP (erl_interface ...)

(Stack-based Buffer Overflow vulnerability in Erlang OTP erts (inet_drv ...)

(Reliance on IP Address for Authentication vulnerability in Erlang/OTP ...)

(Observable Timing Discrepancy vulnerability in Erlang/OTP ssh (ssh_aut ...)

(Sensitive Data Exposure vulnerability in Erlang OTP inets (httpc_respo ...)

(Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)

GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle. GD::Image::_make_filehandle opens a filename argument with Perl's 2-arg open(), so a...