CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-29654
https://notcve.org/view.php?id=CVE-2022-29654
22 Aug 2023 — Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file. La vulnerabilidad de desbordamiento de búfer en quote_for_pmake en asm/nasm.c en nasm antes de 2.15.05 permite a los atacantes provocar una denegación de servicio a través de un archivo diseñado. • https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-21686
https://notcve.org/view.php?id=CVE-2020-21686
22 Aug 2023 — A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file. • https://bugzilla.nasm.us/show_bug.cgi?id=3392643 • CWE-562: Return of Stack Variable Address •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-44370 – Gentoo Linux Security Advisory 202312-09
https://notcve.org/view.php?id=CVE-2022-44370
29 Mar 2023 — NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856 Multiple vulnerabilities have been discovered in NASM, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 2.16.01 are affected. • https://bugzilla.nasm.us/show_bug.cgi?id=3392815 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-6290
https://notcve.org/view.php?id=CVE-2019-6290
15 Jan 2019 — An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '{' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file. Se ha descubierto un problema de recursión en eval.c en Netwide Assembler (NASM) hasta la versión 2.14.02. Hay un problema de agotamiento de... • https://bugzilla.nasm.us/show_bug.cgi?id=3392548 • CWE-674: Uncontrolled Recursion •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-6291
https://notcve.org/view.php?id=CVE-2019-6291
15 Jan 2019 — An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself in certain scenarios involving lots of '!' or '+' or '-' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file. Se ha descubierto un problema en la función expr6 en eval.c en Netwide Assembler (NASM) hasta la versión 2.14.02. • https://bugzilla.nasm.us/show_bug.cgi?id=3392549 • CWE-674: Uncontrolled Recursion •
CVSS: 5.5EPSS: 1%CPEs: 16EXPL: 5CVE-2018-16517 – Netwide Assembler (NASM) 2.14rc15 - NULL Pointer Dereference (PoC)
https://notcve.org/view.php?id=CVE-2018-16517
06 Sep 2018 — asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file. asm/labels.c en Netwide Assembler (NASM) es propenso a una desreferencia de puntero NULL, lo que permite que el atacante provoque una denegación de servicio (DoS) mediante un archivo manipulado. • https://packetstorm.news/files/id/152566 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 2CVE-2018-1000667
https://notcve.org/view.php?id=CVE-2018-1000667
06 Sep 2018 — NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file.. NASM nasm-2.13.03 nasm- 2.14rc15 en su versión 2.14rc15 y anteriores contiene una corrupción de memoria (c... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2018-8881 – Ubuntu Security Notice USN-3694-1
https://notcve.org/view.php?id=CVE-2018-8881
20 Mar 2018 — Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string. Netwide Assembler (NASM) 2.13.02rc2 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en la función tokenize en asm/preproc.c. Esto se relaciona con una cadena no finalizada. It was discovered that NASM incorrectly handled certain source files. If a user or automated system were tricked into processing a specially crafted source file, a remote at... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-8882
https://notcve.org/view.php?id=CVE-2018-8882
20 Mar 2018 — Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-read in the function ieee_shr in asm/float.c via a large shift value. Netwide Assembler (NASM) 2.13.02rc2 tiene una sublectura de búfer basada en pila en la función ieee_shr en asm/float.c. Esto se relaciona con un gran valor de desplazamiento. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-8883
https://notcve.org/view.php?id=CVE-2018-8883
20 Mar 2018 — Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to nasm_reg_flags. Netwide Assembler (NASM) 2.13.02rc2 tiene una sobrelectura de búfer en la función parse_line en asm/parser.c mediante el acceso no controlado a nasm_reg_flags. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html • CWE-125: Out-of-bounds Read •