CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-29654
https://notcve.org/view.php?id=CVE-2022-29654
22 Aug 2023 — Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file. La vulnerabilidad de desbordamiento de búfer en quote_for_pmake en asm/nasm.c en nasm antes de 2.15.05 permite a los atacantes provocar una denegación de servicio a través de un archivo diseñado. • https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-21686
https://notcve.org/view.php?id=CVE-2020-21686
22 Aug 2023 — A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file. • https://bugzilla.nasm.us/show_bug.cgi?id=3392643 • CWE-562: Return of Stack Variable Address •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-44370 – Gentoo Linux Security Advisory 202312-09
https://notcve.org/view.php?id=CVE-2022-44370
29 Mar 2023 — NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856 Multiple vulnerabilities have been discovered in NASM, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 2.16.01 are affected. • https://bugzilla.nasm.us/show_bug.cgi?id=3392815 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-6290
https://notcve.org/view.php?id=CVE-2019-6290
15 Jan 2019 — An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '{' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file. Se ha descubierto un problema de recursión en eval.c en Netwide Assembler (NASM) hasta la versión 2.14.02. Hay un problema de agotamiento de... • https://bugzilla.nasm.us/show_bug.cgi?id=3392548 • CWE-674: Uncontrolled Recursion •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-6291
https://notcve.org/view.php?id=CVE-2019-6291
15 Jan 2019 — An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself in certain scenarios involving lots of '!' or '+' or '-' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file. Se ha descubierto un problema en la función expr6 en eval.c en Netwide Assembler (NASM) hasta la versión 2.14.02. • https://bugzilla.nasm.us/show_bug.cgi?id=3392549 • CWE-674: Uncontrolled Recursion •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2018-19216
https://notcve.org/view.php?id=CVE-2018-19216
12 Nov 2018 — Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c. Netwide Assembler (NASM) en versiones anteriores a la 2.13.02 tiene un uso de memoria previamente liberada en detoken en asm/preproc.c. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 1%CPEs: 16EXPL: 5CVE-2018-16517 – Netwide Assembler (NASM) 2.14rc15 - NULL Pointer Dereference (PoC)
https://notcve.org/view.php?id=CVE-2018-16517
06 Sep 2018 — asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file. asm/labels.c en Netwide Assembler (NASM) es propenso a una desreferencia de puntero NULL, lo que permite que el atacante provoque una denegación de servicio (DoS) mediante un archivo manipulado. • https://packetstorm.news/files/id/152566 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 2CVE-2018-1000667
https://notcve.org/view.php?id=CVE-2018-1000667
06 Sep 2018 — NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file.. NASM nasm-2.13.03 nasm- 2.14rc15 en su versión 2.14rc15 y anteriores contiene una corrupción de memoria (c... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2008-7177
https://notcve.org/view.php?id=CVE-2008-7177
08 Sep 2009 — Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719. Desbordamiento de buffer en el módulo listing en Netwide Assembler (NASM) anterior v2.03.01 tiene impacto desconocido y vectores atacados, una vulnerabilidad diferente que CVE-2008-2719. • http://secunia.com/advisories/30836 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 7%CPEs: 1EXPL: 2CVE-2004-1287 – NASM 0.98.x - Error Preprocessor Directive Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-1287
22 Dec 2004 — Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194. Desbordamiento de búfer en la función de error en prepor.c de NASM 0.98.38 1.2 permite a atacantes remotos ejecutar código de su elección mediante un fichero asm construido artesanalmente. • https://www.exploit-db.com/exploits/25005 • CWE-787: Out-of-bounds Write •