Yasm Security Vulnerabilities and Issues — Yasm CVE List

Lucene search

Yasm ProjectYasm

13 matches found

CVE•added 2024/01/03 12:15 a.m.•56 views

CVE-2023-49556

Buffer Overflow vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expr_delete_term function in the libyasm/expr.c component.

5.5CVSS5.4AI score0.00513EPSS

CVE•added 2024/01/03 12:15 a.m.•56 views

CVE-2023-49557

An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the yasm_section_bcs_first function in the libyasm/section.c component.

5.5CVSS5.3AI score0.00353EPSS

CVE•added 2023/04/12 4:15 p.m.•55 views

CVE-2023-29581

yasm 1.3.0.55.g101bc has a segmentation violation in the function delete_Token at modules/preprocs/nasm/nasm-pp.c. NOTE: although a libyasm application could become unavailable if this were exploited, the vendor's position is that there is no security relevance because there is either supposed to b...

5.5CVSS5.5AI score0.00033EPSS

CVE•added 2023/04/24 1:15 p.m.•53 views

CVE-2023-29579

yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the component yasm/yasm+0x43b466 in vsprintf. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code.

5.5CVSS5.7AI score0.00037EPSS

CVE•added 2023/04/25 4:15 p.m.•52 views

CVE-2023-30402

YASM v1.3.0 was discovered to contain a heap overflow via the function handle_dot_label at /nasm/nasm-token.re. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code.

5.5CVSS5.7AI score0.00037EPSS

CVE•added 2023/04/24 1:15 p.m.•51 views

CVE-2023-29582

yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr1 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code.

5.5CVSS5.7AI score0.0004EPSS

CVE•added 2024/01/03 12:15 a.m.•50 views

CVE-2023-49555

An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expand_smacro function in the modules/preprocs/nasm/nasm-pp.c component.

5.5CVSS5.3AI score0.0043EPSS

CVE•added 2024/01/03 12:15 a.m.•49 views

CVE-2023-49558

An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expand_mmac_params function in the modules/preprocs/nasm/nasm-pp.c component.

5.5CVSS5.3AI score0.00329EPSS

CVE•added 2024/01/03 12:15 a.m.•45 views

CVE-2023-49554

Use After Free vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the do_directive function in the modules/preprocs/nasm/nasm-pp.c component.

5.5CVSS5.4AI score0.00426EPSS

CVE•added 2023/05/17 3:15 p.m.•42 views

CVE-2023-31723

yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the function expand_mmac_params at /nasm/nasm-pp.c.

5.5CVSS5.5AI score0.00024EPSS

CVE•added 2023/07/26 9:15 p.m.•40 views

CVE-2023-37732

Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file.

5.5CVSS5.1AI score0.00026EPSS

CVE•added 2023/05/17 3:15 p.m.•39 views

CVE-2023-31725

yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free via the function expand_mmac_params at yasm/modules/preprocs/nasm/nasm-pp.c.

5.5CVSS5.5AI score0.00023EPSS

CVE•added 2023/04/12 1:15 p.m.•37 views

CVE-2023-29580

yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the component yasm_expr_create at /libyasm/expr.c.

5.5CVSS5.4AI score0.00065EPSS