Netwide Assembler Security Vulnerabilities and Issues — Netwide Assembler CVE List

Lucene search

NasmNetwide Assembler

15 matches found

CVE•added 2023/01/04 6:15 p.m.•188 views

CVE-2022-46456

NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c.

7.8CVSS6.3AI score0.00045EPSS

CVE•added 2018/11/12 7:29 p.m.•153 views

CVE-2018-19214

Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input.

7.8CVSS6.2AI score0.00223EPSS

CVE•added 2018/11/12 7:29 p.m.•144 views

CVE-2018-19215

Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters.

7.8CVSS6.2AI score0.00223EPSS

CVE•added 2018/04/21 4:29 p.m.•139 views

CVE-2018-10254

Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Remote attackers could leverage this vulnerability to cause a denial of service or possibly have unspecified other impact via a crafted ELF file.

7.8CVSS6.7AI score0.0027EPSS

CVE•added 2018/03/20 11:29 p.m.•139 views

CVE-2018-8881

Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string.

7.3CVSS6.1AI score0.00215EPSS

CVE•added 2018/03/20 11:29 p.m.•139 views

CVE-2018-8883

Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to nasm_reg_flags.

7.8CVSS6.1AI score0.00145EPSS

CVE•added 2018/03/20 11:29 p.m.•136 views

CVE-2018-8882

Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-read in the function ieee_shr in asm/float.c via a large shift value.

7.8CVSS6.1AI score0.00145EPSS

CVE•added 2018/11/12 7:29 p.m.•134 views

CVE-2018-19216

Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c.

7.8CVSS6.1AI score0.00239EPSS

CVE•added 2020/01/06 6:15 a.m.•100 views

CVE-2019-20352

In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occurs (via a crafted .asm file) in set_text_free when called from expand_one_smacro in asm/preproc.c.

7.1CVSS6.8AI score0.00297EPSS

CVE•added 2017/06/29 11:29 p.m.•95 views

CVE-2017-10686

In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is allocated in the token() function and freed in the detoken() function (called by pp_getline()) - it is used again at multiple positions later that could cause multiple d...

7.8CVSS8.3AI score0.00621EPSS

CVE•added 2017/07/08 5:29 p.m.•58 views

CVE-2017-11111

In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

7.8CVSS6.9AI score0.00253EPSS

CVE•added 2017/12/21 3:29 a.m.•57 views

CVE-2017-17818

In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c.

7.5CVSS7.3AI score0.00683EPSS

CVE•added 2019/02/15 7:29 a.m.•56 views

CVE-2019-8343

In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens in asm/preproc.c.

7.8CVSS7.4AI score0.00137EPSS

CVE•added 2023/03/29 8:15 p.m.•43 views

CVE-2022-44370

NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856

7.8CVSS7.6AI score0.00059EPSS

CVE•added 2023/05/17 2:15 p.m.•38 views

CVE-2023-31722

There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891).

7.8CVSS7.7AI score0.00089EPSS