CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-8883
https://notcve.org/view.php?id=CVE-2018-8883
Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to nasm_reg_flags. Netwide Assembler (NASM) 2.13.02rc2 tiene una sobrelectura de búfer en la función parse_line en asm/parser.c mediante el acceso no controlado a nasm_reg_flags. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html https://bugzilla.nasm.us/show_bug.cgi?id=3392447 • CWE-125: Out-of-bounds Read •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2018-8881
https://notcve.org/view.php?id=CVE-2018-8881
Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string. Netwide Assembler (NASM) 2.13.02rc2 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en la función tokenize en asm/preproc.c. Esto se relaciona con una cadena no finalizada. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html https://bugzilla.nasm.us/show_bug.cgi?id=3392446 https://usn.ubuntu.com/3694-1 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2017-17810
https://notcve.org/view.php?id=CVE-2017-17810
In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown address" that will cause a remote denial of service attack, because asm/preproc.c mishandles macro calls that have the wrong number of arguments. En Netwide Assembler (NASM) 2.14rc0, existe un "SEGV en dirección desconocida" que provocaría un ataque de denegación de servicio remoto, porque asm/preproc.c maneja incorrectamente las llamadas macro que tienen el número incorrecto de argumentos. • http://repo.or.cz/nasm.git/commit/59ce1c67b16967c652765e62aa130b7e43f21dd4 https://bugzilla.nasm.us/show_bug.cgi?id=3392431 https://usn.ubuntu.com/3694-1 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2017-17811
https://notcve.org/view.php?id=CVE-2017-17811
In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in paste_tokens in asm/preproc.c, a similar issue to CVE-2017-11111. En Netwide Assembler (NASM) 2.14rc0, existe un desbordamiento de búfer basado en memoria dinámica (heap) que podría provocar un ataque de denegación de servicio (DoS) remoto, relacionado con un strcpy en paste_tokens en asm/preproc.c. Esta es una vulnerabilidad parecida a CVE-2017-11111. • https://bugzilla.nasm.us/show_bug.cgi?id=3392432 https://usn.ubuntu.com/3694-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2017-17812
https://notcve.org/view.php?id=CVE-2017-17812
In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read in the function detoken() in asm/preproc.c that will cause a remote denial of service attack. En Netwide Assembler (NASM) 2.14rc0, existe una sobrelectura de búfer basada en memoria dinámica (heap) en la función detoken() en asm/preproc.c que podría provocar un ataque de denegación de servicio (DoS) remoto. • http://repo.or.cz/nasm.git/commit/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9 https://bugzilla.nasm.us/show_bug.cgi?id=3392424 https://usn.ubuntu.com/3694-1 • CWE-125: Out-of-bounds Read •