CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2018-19216
https://notcve.org/view.php?id=CVE-2018-19216
Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c. Netwide Assembler (NASM) en versiones anteriores a la 2.13.02 tiene un uso de memoria previamente liberada en detoken en asm/preproc.c. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html https://bugzilla.nasm.us/show_bug.cgi?id=3392424 https://repo.or.cz/nasm.git/commitdiff/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2018-19215
https://notcve.org/view.php?id=CVE-2018-19215
Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters. Netwide Assembler (NASM) 2.14rc16 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en expand_mmac_params en asm/preproc.c para los casos especiales de los caracteres % y $. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html https://bugzilla.nasm.us/show_bug.cgi?id=3392525 https://repo.or.cz/nasm.git/commit/4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2018-19214
https://notcve.org/view.php?id=CVE-2018-19214
Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input. Netwide Assembler (NASM) 2.14rc15 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en expand_mmac_params en asm/preproc.c para las entradas insuficientes. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html https://bugzilla.nasm.us/show_bug.cgi?id=3392521 https://repo.or.cz/nasm.git/commit/661f723d39e03ca6eb05d7376a43ca33db478354 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-19209
https://notcve.org/view.php?id=CVE-2018-19209
Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in the function find_label in asm/labels.c that will lead to a DoS attack. Netwide Assembler (NASM) 2.14rc15 tiene una desreferencia de puntero NULL en la función find_label en asm/labels.c que conducirá a un ataque de denegación de servicio (DoS). • https://bugzilla.suse.com/show_bug.cgi?id=1115797 https://repo.or.cz/nasm.git/commitdiff/e996d28c70d45008085322b442b44a9224308548 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-19213
https://notcve.org/view.php?id=CVE-2018-19213
Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may lead to DoS, related to nasm_malloc in nasmlib/malloc.c. Netwide Assembler (NASM) hasta la versión 2.14rc16 tiene fugas de memoria que podrían conducir a una denegación de servicio (DoS), relacionado con nasm_malloc en nasmlib/malloc.c. • https://bugzilla.nasm.us/show_bug.cgi?id=3392524 • CWE-772: Missing Release of Resource after Effective Lifetime •