Page 2 of 15 results (0.002 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c. Netwide Assembler (NASM) en versiones anteriores a la 2.13.02 tiene un uso de memoria previamente liberada en detoken en asm/preproc.c. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html https://bugzilla.nasm.us/show_bug.cgi?id=3392424 https://repo.or.cz/nasm.git/commitdiff/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9 • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 4

asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file. asm/labels.c en Netwide Assembler (NASM) es propenso a una desreferencia de puntero NULL, lo que permite que el atacante provoque una denegación de servicio (DoS) mediante un archivo manipulado. • https://www.exploit-db.com/exploits/46726 http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html http://packetstormsecurity.com/files/152566/Netwide-Assembler-NASM-2.14rc15-Null-Pointer-Dereference.html https://bugzilla.nasm.us/show_bug.cgi?id=3392513 https://fakhrizulkifli.github.io/CVE-2018-16517.html • CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 2

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file.. NASM nasm-2.13.03 nasm- 2.14rc15 en su versión 2.14rc15 y anteriores contiene una corrupción de memoria (cerrada inesperadamente) de nasm al manejar un archivo manipulado debido a una vulnerabilidad en la función assemble_file(inname, depend_ptr) en asm/nasm.c:482 que puede resultar en el cierre inesperado del programa nasm. Este ataque parece ser explotable mediante un archivo asm especialmente manipulado. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html https://bugzilla.nasm.us/show_bug.cgi?id=3392507 https://github.com/cyrillos/nasm/issues/3 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Remote attackers could leverage this vulnerability to cause a denial of service or possibly have unspecified other impact via a crafted ELF file. Netwide Assembler (NASM) tiene una sobrelectura de búfer basada en pila en la función disasm del archivo disasm/disasm.c. Los atacantes remotos pueden aprovechar esta vulnerabilidad para provocar una denegación de servicio (DoS) o, posiblemente, otro tipo de impacto sin especificar mediante un archivo ELF manipulado. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html https://sourceforge.net/p/nasm/bugs/561 • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to nasm_reg_flags. Netwide Assembler (NASM) 2.13.02rc2 tiene una sobrelectura de búfer en la función parse_line en asm/parser.c mediante el acceso no controlado a nasm_reg_flags. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html https://bugzilla.nasm.us/show_bug.cgi?id=3392447 • CWE-125: Out-of-bounds Read •