External Control of File Name or Path

Overview bugsink is a Self-hosted Error Tracking Affected versions of this package are vulnerable to External Control of File Name or Path in the artifactbundle/assemble endpoint. An authenticated attacker can create or overwrite files within locations writable by the service account by supplying...

EUVD-2026-21515

Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble...

[SECURITY] Fedora 43 Update: avr-binutils-2.45-4.fc43.1

This is a Cross Compiling version of GNU binutils, which can be used to assemble and link binaries for the avr platform, instead of for the native i386 platform...

Remote Code Execution (RCE)

craftcms/cms is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper sanitization of user-supplied configuration data in the assembleLayoutFromPost function before passing it to Craft::createObject, which allows an authenticated administrator to inject malicious Yii2...

GHSA-7JX7-3846-M7W7 Craft CMS Vulnerable to potential authenticated Remote Code Execution via malicious attached Behavior

Relationship to Previously Patched Vulnerability This vulnerability is in addition to the RCE vulnerability patched in GHSA-255j-qw47-wjh5. That advisory addressed a similar RCE vulnerability that affected two specific routes: - /index.php?p=admin%2Factions%2Ffields%2Fapply-layout-element-setting...

EUVD-2025-24143

Malicious code in bioql PyPI...

NASM Netwide Assember nasm.c assemble_file stack-based overflow

...

Linux Distros Unpatched Vulnerability : CVE-2025-8845

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemblefile of the file nasm.c. The manipulation leads to...

CVE-2025-8845

A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemblefile of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be...

CVE-2025-8845

A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemblefile of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be...

DEBIAN-CVE-2025-8845

A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemblefile of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be...

UBUNTU-CVE-2025-8845

A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemblefile of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the assemblefile function in nasm.c. An attacker can cause a denial of service or unintended behavior by providing specially crafted input during processing. Remediation There is no fixed version for nasm...

CVE-2025-8845

The CVE-2025-8845 vulnerability affects NASM Netwide Assembler 2.17rc0, specifically the assemble_file function in nasm.c. The issue is a stack-based buffer overflow that can be triggered from local execution, and the exploit has been disclosed publicly. The connected documents provide concrete d...

CVE-2025-8845 NASM Netwide Assember nasm.c assemble_file stack-based overflow

A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemblefile of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be...

SUSE CVE-2018-10316

Netwide Assembler NASM 2.14rc0 has an endless while loop in the assemblefile function of asm/nasm.c because of a globallineno integer overflow...

SUSE CVE-2018-1000667

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption crashed of nasm when handling a crafted file due to function assemblefileinname, dependptr at asm/nasm.c:482. vulnerability in function assemblefileinname, dependptr at asm/nasm.c:482. that can result in...

Patching - An Interactive Binary Patching Plugin For IDA Pro

Patching assembly code to change the behavior of an existing program is not uncommon in malware analysis, software reverse engineering, and broader domains of security research. This project extends the popular IDA Pro disassembler to create a more robust interactive binary patching workflow...

Ansible: modules which use files encrypted with vault are not properly cleaned up

A flaw was found on Ansible Engine when using modules which decrypts vault files such as assemble, script, unarchive, wincopy, awss3 or copy modules. The temporary directory is created in /tmp leaves the secrets unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root...

radare2 'assemble' function heap buffer overflow vulnerability

radare2 is a set of libraries and tools for working with binary files. A heap buffer overflow vulnerability exists in the 'assemble' function of the libr/asm/p/asmarmcs.c file in radare2 3.1.3 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service applicatio...