PT-2025-32538 · Unknown +1 · Nasm Netwide Assembler +1

Name of the Vulnerable Software and Affected Versions: NASM Netwide Assembler version 2.17rc0 Description: A flaw exists in the parse smacro template function within the preproc.c file. This issue leads to a null pointer dereference. Local access is required for exploitation. An exploit has been...

PT-2025-32541 · Unknown +1 · Nasm Netwide Assembler +1

Name of the Vulnerable Software and Affected Versions: NASM Netwide Assembler version 2.17rc0 Description: A stack-based buffer overflow exists in the parse line function within the parser.c file. The issue is locally exploitable and has been publicly disclosed. Recommendations: At the moment,...

PT-2025-32537 · Unknown +1 · Nasm Netwide Assember +1

Name of the Vulnerable Software and Affected Versions: NASM Netwide Assember version 2.17rc0 Description: A heap-based buffer overflow exists in the macho no dead strip function within the outmacho.c file. Local access is required for exploitation. The exploit for this issue has been publicly...

PT-2025-32539 · Unknown +1 · Nasm Netwide Assembler +1

Name of the Vulnerable Software and Affected Versions: NASM Netwide Assembler version 2.17rc0 Description: A stack-based buffer overflow issue was identified in the assemble file function within the nasm.c file. The issue can be exploited on the local host. The exploit has been publicly disclosed...

ROS-20240904-06

A vulnerability in the yasmintnumcopy function of the YASM assembler is related to the lack of memory release after the effective lifetime. Exploitation of the vulnerability could allow an attacker to gain access to the sensitive data...

Medium: nasm

Issue Overview: Null pointer dereference in ieeewritefile in nasm 2.16rc0 allows attackers to cause a denial of service crash. CVE-2023-38665 Affected Packages: nasm Issue Correction: Run dnf update nasm --releasever 2023.4.20240611 or dnf update --advisory ALAS2023-2024-642 --releasever...

CVE-2023-52750

In the Linux kernel, the following vulnerability has been resolved: arm64: Restrict CPUBIGENDIAN to GNU as or LLVM IAS 15.x or newer Prior to LLVM 15.0.0, LLVM's integrated assembler would incorrectly byte-swap NOP when compiling for big-endian, and the resulting series of bytes happened to match...

SUSE CVE-2023-52750

In the Linux kernel, the following vulnerability has been resolved: arm64: Restrict CPUBIGENDIAN to GNU as or LLVM IAS 15.x or newer Prior to LLVM 15.0.0, LLVM's integrated assembler would incorrectly byte-swap NOP when compiling for big-endian, and the resulting series of bytes happened to match...

UBUNTU-CVE-2023-52750

In the Linux kernel, the following vulnerability has been resolved: arm64: Restrict CPUBIGENDIAN to GNU as or LLVM IAS 15.x or newer Prior to LLVM 15.0.0, LLVM's integrated assembler would incorrectly byte-swap NOP when compiling for big-endian, and the resulting series of bytes happened to match...

RHEL 8 : nasm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nasm: use-after-free in pastetokens in asm/preproc.c CVE-2019-8343 - NASM nasm-2.13.03 nasm- 2.14rc15...

ROS-20240409-09

Vulnerability of yasmsectionbcsfirst function of YASM assembler is related to uncontrolled consumption of resources. Exploitation of the vulnerability may allow an attacker to cause a denial of service A vulnerability in the exprdeleteterm function of the YASM assembler is associated with an...

CVE-2024-26706

In the Linux kernel, the following vulnerability has been resolved: parisc: Fix random data corruption from exception handler The current exception handler implementation, which assists when accessing user space memory, may exhibit random data corruption if the compiler decides to use a different...

openSUSE: Security Advisory for openssl (SUSE-SU-2023:3397-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2023-51258

A memory leak issue discovered in YASM v.1.3.0 allows a local attacker to cause a denial of service via the newToken function in the modules/preprocs/nasm/nasm-pp:1512...

DEBIAN-CVE-2023-52322

ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2.7 allows XSS because input from request is not restricted to safe characters such as alphanumerics...

UBUNTU-CVE-2023-52322

ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2.7 allows XSS because input from request is not restricted to safe characters such as alphanumerics...

SPIP Cross-Site Scripting Vulnerability

SPIP is a freeware program from SPIP for creating Internet sites. A cross-site scripting vulnerability exists in SPIP versions prior to 4.1.3 and 4.2.7, which stems from cross-site scripting in ecrire/public/assembler.php...

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow via the exprdeleteterm function in the libyasm/expr.c component. An attacker can cause a crash or service by sending a crafted input. Remediation There is no fixed version for yasm. References - GitHub Issue - Vulnerable...

YASM Security Vulnerabilities

yasm is a completely rewritten Netwide assembler from the yasm open source. A security vulnerability exists in YASM version 1.3.0.86.g9def, which originated from allowing an attacker to cause a denial of service DOS via the YASMsectionbcsfirst function in the libyasm/section.c component...

YASM Security Vulnerabilities

yasm is a completely rewritten Netwide assembler from the yasm open source. A security vulnerability exists in YASM version 1.3.0.86.g9def, which stems from a Denial of Service DOS vulnerability in the expandsmacro function in the /preprocs/nasm/nasm-pp.c component...