Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Nasm Subscribe
Filtered by product Netwide Assembler
Total 54 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-46457 1 Nasm 1 Netwide Assembler 2023-02-09 N/A 5.5 MEDIUM
NASM v2.16 was discovered to contain a segmentation violation in the component ieee_write_file at /output/outieee.c.
CVE-2022-46456 1 Nasm 1 Netwide Assembler 2023-01-18 N/A 6.1 MEDIUM
NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c.
CVE-2022-41420 1 Nasm 1 Netwide Assembler 2022-10-05 N/A 5.5 MEDIUM
nasm v2.16 was discovered to contain a stack overflow in the Ndisasm component
CVE-2020-24978 1 Nasm 1 Netwide Assembler 2022-09-02 7.5 HIGH 9.8 CRITICAL
In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline asm/preproc.c. This is fixed in commit 8806c3ca007b84accac21dd88b900fb03614ceb7.
CVE-2017-17820 2 Canonical, Nasm 2 Ubuntu Linux, Netwide Assembler 2022-08-02 4.3 MEDIUM 5.5 MEDIUM
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c that will lead to a remote denial of service attack, related to mishandling of operand-type errors.
CVE-2017-17817 2 Canonical, Nasm 2 Ubuntu Linux, Netwide Assembler 2022-08-02 4.3 MEDIUM 5.5 MEDIUM
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of service attack.
CVE-2017-17819 2 Canonical, Nasm 2 Ubuntu Linux, Netwide Assembler 2022-08-02 4.3 MEDIUM 5.5 MEDIUM
In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc() in asm/preproc.c that will cause a remote denial of service attack, because pointers associated with skip_white_ calls are not validated.
CVE-2021-33450 1 Nasm 1 Netwide Assembler 2022-08-02 N/A 5.5 MEDIUM
An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_calloc() in nasmlib/alloc.c.
CVE-2021-33452 1 Nasm 1 Netwide Assembler 2022-08-02 N/A 5.5 MEDIUM
An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_malloc() in nasmlib/alloc.c.
CVE-2021-45256 1 Nasm 1 Netwide Assembler 2022-01-10 4.3 MEDIUM 5.5 MEDIUM
A Null Pointer Dereference vulnerability existfs in nasm 2.16rc0 via asm/preproc.c.
CVE-2021-45257 1 Nasm 1 Netwide Assembler 2022-01-10 4.3 MEDIUM 5.5 MEDIUM
An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens function.
CVE-2020-18974 1 Nasm 1 Netwide Assembler 2021-09-14 4.3 MEDIUM 3.3 LOW
Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147.
CVE-2018-16517 1 Nasm 1 Netwide Assembler 2020-11-10 4.3 MEDIUM 5.5 MEDIUM
asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file.
CVE-2020-24241 1 Nasm 1 Netwide Assembler 2020-09-04 4.3 MEDIUM 5.5 MEDIUM
In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in saa_wbytes in nasmlib/saa.c.
CVE-2020-24242 1 Nasm 1 Netwide Assembler 2020-09-01 4.3 MEDIUM 5.5 MEDIUM
In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_text in asm/preproc.c by accessing READ memory.
CVE-2019-20334 1 Nasm 1 Netwide Assembler 2020-08-24 4.3 MEDIUM 5.5 MEDIUM
In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 (and stdscan in asm/stdscan.c). This is similar to CVE-2019-6290 and CVE-2019-6291.
CVE-2019-6291 1 Nasm 1 Netwide Assembler 2020-08-24 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself in certain scenarios involving lots of '!' or '+' or '-' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file.
CVE-2019-7147 1 Nasm 1 Netwide Assembler 2020-08-24 4.3 MEDIUM 5.5 MEDIUM
A buffer over-read exists in the function crc64ib in crc64.c in nasmlib in Netwide Assembler (NASM) 2.14rc16. A crafted asm input can cause segmentation faults, leading to denial-of-service.
CVE-2019-6290 1 Nasm 1 Netwide Assembler 2020-08-24 4.3 MEDIUM 5.5 MEDIUM
An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '{' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file.
CVE-2018-19214 2 Nasm, Redhat 2 Netwide Assembler, Enterprise Linux 2020-07-13 6.8 MEDIUM 7.8 HIGH
Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input.