CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-16999
https://notcve.org/view.php?id=CVE-2018-16999
13 Sep 2018 — Netwide Assembler (NASM) 2.14rc15 has an invalid memory write (segmentation fault) in expand_smacro in preproc.c, which allows attackers to cause a denial of service via a crafted input file. Netwide Assembler (NASM) 2.14rc15 tiene una escritura de memoria inválida (fallo de segmentación) en expand_smacro en preproc.c, lo que permite que los atacantes provoquen una denegación de servicio (DoS) mediante un archivo de entradas manipulado. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 1%CPEs: 16EXPL: 5CVE-2018-16517 – Netwide Assembler (NASM) 2.14rc15 - NULL Pointer Dereference (PoC)
https://notcve.org/view.php?id=CVE-2018-16517
06 Sep 2018 — asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file. asm/labels.c en Netwide Assembler (NASM) es propenso a una desreferencia de puntero NULL, lo que permite que el atacante provoque una denegación de servicio (DoS) mediante un archivo manipulado. • https://packetstorm.news/files/id/152566 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 2CVE-2018-1000667
https://notcve.org/view.php?id=CVE-2018-1000667
06 Sep 2018 — NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file.. NASM nasm-2.13.03 nasm- 2.14rc15 en su versión 2.14rc15 y anteriores contiene una corrupción de memoria (c... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-16382
https://notcve.org/view.php?id=CVE-2018-16382
03 Sep 2018 — Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in x86/regflags.c. Netwide Assembler (NASM) 2.14rc15 tiene una sobrelectura de búfer en x86/regflags.c. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-10316
https://notcve.org/view.php?id=CVE-2018-10316
24 Apr 2018 — Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the assemble_file function of asm/nasm.c because of a globallineno integer overflow. Netwide Assembler (NASM) 2.14rc0 tiene un bucle infinito en while en la función assemble_file de asm/nasm.c debido a un desbordamiento de enteros en globallineno. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-10254
https://notcve.org/view.php?id=CVE-2018-10254
21 Apr 2018 — Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Remote attackers could leverage this vulnerability to cause a denial of service or possibly have unspecified other impact via a crafted ELF file. Netwide Assembler (NASM) tiene una sobrelectura de búfer basada en pila en la función disasm del archivo disasm/disasm.c. Los atacantes remotos pueden aprovechar esta vulnerabilidad para provocar una denegación de servicio (DoS) o, posiblemente, otr... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-10016
https://notcve.org/view.php?id=CVE-2018-10016
11 Apr 2018 — Netwide Assembler (NASM) 2.14rc0 has a division-by-zero vulnerability in the expr5 function in asm/eval.c via a malformed input file. Netwide Assembler (NASM) 2.14rc0 tiene una vulnerabilidad de división entre cero en la función expr5 en asm/eval.c mediante un archivo de entradas mal formado. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html • CWE-369: Divide By Zero •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2018-8881 – Ubuntu Security Notice USN-3694-1
https://notcve.org/view.php?id=CVE-2018-8881
20 Mar 2018 — Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string. Netwide Assembler (NASM) 2.13.02rc2 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en la función tokenize en asm/preproc.c. Esto se relaciona con una cadena no finalizada. It was discovered that NASM incorrectly handled certain source files. If a user or automated system were tricked into processing a specially crafted source file, a remote at... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-8882
https://notcve.org/view.php?id=CVE-2018-8882
20 Mar 2018 — Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-read in the function ieee_shr in asm/float.c via a large shift value. Netwide Assembler (NASM) 2.13.02rc2 tiene una sublectura de búfer basada en pila en la función ieee_shr en asm/float.c. Esto se relaciona con un gran valor de desplazamiento. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-8883
https://notcve.org/view.php?id=CVE-2018-8883
20 Mar 2018 — Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to nasm_reg_flags. Netwide Assembler (NASM) 2.13.02rc2 tiene una sobrelectura de búfer en la función parse_line en asm/parser.c mediante el acceso no controlado a nasm_reg_flags. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html • CWE-125: Out-of-bounds Read •