745 matches found
SUSE CVE-2018-20538
There is a use-after-free at asm/preproc.c function ppgetline in Netwide Assembler NASM 2.14rc16 that will cause a denial of service during certain finishes tests...
SUSE CVE-2019-6291
An issue was discovered in the function expr6 in eval.c in Netwide Assembler NASM through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself in certain scenarios involving lots of '!' or '+' or '-' characters. Remote attackers could leverage...
SUSE CVE-2019-6290
An infinite recursion issue was discovered in eval.c in Netwide Assembler NASM through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '' characters. Remote attackers could leverage...
SUSE CVE-2019-7147
A buffer over-read exists in the function crc64ib in crc64.c in nasmlib in Netwide Assembler NASM 2.14rc16. A crafted asm input can cause segmentation faults, leading to denial-of-service...
SUSE CVE-2019-8343
In Netwide Assembler NASM 2.14.02, there is a use-after-free in pastetokens in asm/preproc.c...
SUSE CVE-2019-14248
In libnasm.a in Netwide Assembler NASM 2.14.xx, asm/pragma.c allows a NULL pointer dereference in processpragma, searchpragmalist, and nasmsetlimit when "%pragma limit" is mishandled...
SUSE CVE-2019-20352
In Netwide Assembler NASM 2.15rc0, a heap-based buffer over-read occurs via a crafted .asm file in settextfree when called from expandonesmacro in asm/preproc.c...
SUSE CVE-2019-20334
In Netwide Assembler NASM 2.14.02, stack consumption occurs in expr functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 and stdscan in asm/stdscan.c. This is similar to CVE-2019-6290 and CVE-2019-6291...
SUSE CVE-2020-24242
In Netwide Assembler NASM 2.15rc10, SEGV can be triggered in toktext in asm/preproc.c by accessing READ memory...
SUSE CVE-2021-45257
An infinite loop vulnerability exists in nasm 2.16rc0 via the gpastetokens function...
SUSE CVE-2022-46456
NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbgtypevalue at /output/outdbg.c...
SUSE CVE-2022-46457
NASM v2.16 was discovered to contain a segmentation violation in the component ieeewritefile at /output/outieee.c...
NASM v2.16 was discovered to contain a segmentation violation in the component ieee_write_file at /output/outieee.c.
...
DEBIAN-CVE-2022-46457
NASM v2.16 was discovered to contain a segmentation violation in the component ieeewritefile at /output/outieee.c...
UBUNTU-CVE-2022-46456
NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbgtypevalue at /output/outdbg.c...
PT-2023-9324 · Unknown +2 · Netwide Assembler +2
Name of the Vulnerable Software and Affected Versions: Netwide Assembler NASM version 2.16 Description: The issue is related to a segmentation violation in the ieee write file component at /output/outieee.c of the Netwide Assembler NASM. This can lead to a denial of service. The problem is...
PT-2023-9325 · Unknown +2 · Netwide Assembler +2
Name of the Vulnerable Software and Affected Versions: Netwide Assembler NASM version 2.16 Description: The issue is related to a global buffer overflow in the dbgdbg typevalue component at /output/outdbg.c. This can potentially allow an attacker to disclose protected information or cause a denia...
CVE-2022-20418
In pickStartSeq of AAVCAssembler.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12...
DEBIAN-CVE-2022-41420
nasm v2.16 was discovered to contain a stack overflow in the Ndisasm component...
Ubuntu: Security Advisory (USN-366-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...