26 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-22653
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yasm commit 9defefae was discovered to contain a NULL pointer dereference via the yasmsectionbcsappend function at section.c. CVE-2024-22653 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2023-29582
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parseexpr1 at /nasm/nasm-parse.c. Note: This has been disputed by third parties...
Linux Distros Unpatched Vulnerability : CVE-2023-29580
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the component yasmexprcreate at /libyasm/expr.c. CVE-2023-29580 Note that Nessus...
CVE-2024-22653 affecting package yasm for versions less than 1.3.0-17
CVE-2024-22653 affecting package yasm for versions less than 1.3.0-17. A patched version of the package is available...
Fedora: Security Advisory (FEDORA-2025-5bd2ac3698)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
TencentOS Server 4: yasm (TSSA-2025:0064)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0064 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
CVE-2021-33459 affecting package yasm 1.3.0-17
CVE-2021-33459 affecting package yasm 1.3.0-17. No patch is available currently...
CVE-2021-33466 affecting package yasm 1.3.0-17
CVE-2021-33466 affecting package yasm 1.3.0-17. No patch is available currently...
CVE-2021-33461 affecting package yasm 1.3.0-14
CVE-2021-33461 affecting package yasm 1.3.0-14. This CVE either no longer is or was never applicable...
CVE-2021-33454 affecting package yasm for versions less than 1.3.0-15
CVE-2021-33454 affecting package yasm for versions less than 1.3.0-15. A patched version of the package is available...
CVE-2021-33454 affecting package yasm for versions less than 1.3.0-15
CVE-2021-33454 affecting package yasm for versions less than 1.3.0-15. A patched version of the package is available...
AZL-33896 CVE-2023-51258 affecting package yasm for versions less than 1.3.0-16
A memory leak issue discovered in YASM v.1.3.0 allows a local attacker to cause a denial of service via the newToken function in the modules/preprocs/nasm/nasm-pp:1512...
AZL-27658 CVE-2023-37732 affecting package yasm for versions less than 1.3.0-16
Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file...
AZL-35390 CVE-2023-31723 affecting package yasm 1.3.0-17
yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the function expandmmacparams at /nasm/nasm-pp.c...
AZL-26739 CVE-2023-31723 affecting package yasm 1.3.0-17
yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the function expandmmacparams at /nasm/nasm-pp.c...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free via the error function at /nasm/nasm-pp.c. Remediation There is no fixed version for yasm. References - GitHub Issue - PoC Credit: randomssr...
AZL-26632 CVE-2023-31975 affecting package yasm for versions less than 1.3.0-14
yasm v1.3.0 was discovered to contain a memory leak via the function yasmintnumcopy at /libyasm/intnum.c. Note: Multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy...
AZL-35380 CVE-2023-31972 affecting package yasm 1.3.0-17
yasm v1.3.0 was discovered to contain a use after free via the function ppgetline at /nasm/nasm-pp.c. Note: Multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy...
AZL-26633 CVE-2023-31972 affecting package yasm 1.3.0-17
yasm v1.3.0 was discovered to contain a use after free via the function ppgetline at /nasm/nasm-pp.c. Note: Multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy...
AZL-26359 CVE-2023-30402 affecting package yasm 1.3.0-17
YASM v1.3.0 was discovered to contain a heap overflow via the function handledotlabel at /nasm/nasm-token.re. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code...