Vim version 3 suffers from multiple arbitrary code execution vulnerabilities.
0df0a0a662b76dfb71b8da8346939e317d1a638e718c3ebbea161707aec73cf4
Vim versions 7.1.266 and 7.2 suffer from a ftp credential disclosure vulnerability.
9efd8fed7bb569b3b6816eb2bbea69d32d15c299b7ab14a6d6318af5c0d8ebed
Vim versions 7.0 through 7.2c.002 suffer from unfixed vulnerabilities in Tar plugin version 20.
8d2656b1d8ef0e29912ed8a10e520a3493d5bf180a29d0ed2cf3d359eed82a0c
Vim versions below 7.2c.002 and above 7.0 suffer from a vulnerability that allows for potential arbitrary code execution when handling tar archives.
a9486b21729eee59d2a535ec6d0b54386cb2d2c87ea8c15b6e5de7aca2ccb936
This advisory discusses the filetype.vim vulnerability in Vim version 7.2b.10 that allows for arbitrary code execution and also notes that the Vim patch 7.1.300 did not fix the vulnerability.
ce5ac1fb0fa0e4f7d6ca3213e51c52d637564fd39e7c05602f63456e5bd83fcd
Vim version 5.0 through the current version suffer from an arbitrary code execution vulnerability via an insecure temporary file creation flaw.
e7aba5aff5906fcc02e2116bb842aec10130ebae6504b53a16617fdc67070ef6
Lack of sanitization throughout Netrw can lead to arbitrary code execution upon opening a directory with a crafted name.
f50311e256266d8d203d3885b3448de80d94b947a9e036abe3e56dcfaf147b16
Vim versions greater than and equal to 7.2.a.013 suffer from an arbitrary code execution vulnerability using the shellescape() function.
6adfab1ef22a58322cefeb82ac51d3173e70797770814479bc878db14994e3b5
Vim (Vi IMproved) versions 7.1.314 and 6.4 suffer from various code execution vulnerabilities.
c84bbf4249b888e1dfb648514567bcd415d66705dec14e752d3de66a3d85e80f
Proof of concept exploit for the wget directory traversal vulnerability that affects versions 1.8 and below.
4f69b0514c0819b845039ad1a0f2bd0421f909a68ea1db660bb1e9897cb59032
wget versions 1.8 and below allow for arbitrary overwriting, creating, and appending to files on the underlying system with the permissions of the user executing the binary. The files to be written to can be anywhere regardless of what the end user has requested. The primary flaw is a failure to sanitize redirection data.
1be8cddd71aff948bf1e3a1902aa0ce2fa4a77c5d800966d1b956c4a162900a8