Search Vulnerabilities

The Vimeography: Vimeo Video Gallery WordPress Plugin plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.3.2 via deserialization of untrusted input via the vimeography_duplicate_gallery_serialized in the duplicate_gallery function. This makes it possible for authenticated attackers attackers, with contributor access or higher, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

vim is vulnerable to Use After Free

vim is vulnerable to Out-of-bounds Read

vim is vulnerable to Heap-based Buffer Overflow

vim is vulnerable to Use After Free

vim is vulnerable to Heap-based Buffer Overflow

vim is vulnerable to Heap-based Buffer Overflow

vim is vulnerable to Use After Free

vim is vulnerable to Heap-based Buffer Overflow

vim is vulnerable to Heap-based Buffer Overflow

vim is vulnerable to Use of Uninitialized Variable

vim is vulnerable to Heap-based Buffer Overflow

vim is vulnerable to Heap-based Buffer Overflow

vim is vulnerable to Heap-based Buffer Overflow

vim is vulnerable to Heap-based Buffer Overflow

vim is vulnerable to Use After Free

vim is vulnerable to Heap-based Buffer Overflow

vim is vulnerable to Heap-based Buffer Overflow

In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).