Total
67 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-45256 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
A Null Pointer Dereference vulnerability existfs in nasm 2.16rc0 via asm/preproc.c. | |||||
CVE-2021-45257 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens function. | |||||
CVE-2020-18974 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 3.3 LOW |
Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147. | |||||
CVE-2020-24242 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_text in asm/preproc.c by accessing READ memory. | |||||
CVE-2020-24978 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline asm/preproc.c. This is fixed in commit 8806c3ca007b84accac21dd88b900fb03614ceb7. | |||||
CVE-2020-24241 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in saa_wbytes in nasmlib/saa.c. | |||||
CVE-2019-20334 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 (and stdscan in asm/stdscan.c). This is similar to CVE-2019-6290 and CVE-2019-6291. | |||||
CVE-2019-20352 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 5.8 MEDIUM | 7.1 HIGH |
In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occurs (via a crafted .asm file) in set_text_free when called from expand_one_smacro in asm/preproc.c. | |||||
CVE-2019-14248 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows a NULL pointer dereference in process_pragma, search_pragma_list, and nasm_set_limit when "%pragma limit" is mishandled. | |||||
CVE-2018-16382 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in x86/regflags.c. | |||||
CVE-2018-19216 | 2 Debian, Nasm | 2 Debian Linux, Netwide Assembler | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c. | |||||
CVE-2018-19215 | 2 Nasm, Redhat | 2 Netwide Assembler, Enterprise Linux | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters. | |||||
CVE-2018-19209 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in the function find_label in asm/labels.c that will lead to a DoS attack. | |||||
CVE-2018-16517 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file. | |||||
CVE-2018-20538 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during certain finishes tests. | |||||
CVE-2019-6291 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself in certain scenarios involving lots of '!' or '+' or '-' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file. | |||||
CVE-2018-20535 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during a line-number increment attempt. | |||||
CVE-2018-19213 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may lead to DoS, related to nasm_malloc in nasmlib/malloc.c. | |||||
CVE-2018-1000667 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file.. | |||||
CVE-2019-6290 | 1 Nasm | 1 Netwide Assembler | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '{' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file. |