CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-29654
https://notcve.org/view.php?id=CVE-2022-29654
22 Aug 2023 — Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file. La vulnerabilidad de desbordamiento de búfer en quote_for_pmake en asm/nasm.c en nasm antes de 2.15.05 permite a los atacantes provocar una denegación de servicio a través de un archivo diseñado. • https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-21686
https://notcve.org/view.php?id=CVE-2020-21686
22 Aug 2023 — A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file. • https://bugzilla.nasm.us/show_bug.cgi?id=3392643 • CWE-562: Return of Stack Variable Address •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-44370 – Gentoo Linux Security Advisory 202312-09
https://notcve.org/view.php?id=CVE-2022-44370
29 Mar 2023 — NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856 Multiple vulnerabilities have been discovered in NASM, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 2.16.01 are affected. • https://bugzilla.nasm.us/show_bug.cgi?id=3392815 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-14248
https://notcve.org/view.php?id=CVE-2019-14248
24 Jul 2019 — In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows a NULL pointer dereference in process_pragma, search_pragma_list, and nasm_set_limit when "%pragma limit" is mishandled. En el archivo libnasm.a en Netwide Assembler (NASM) versiones 2.14.xx, en el archivo asm/pragma.c permite una desreferencia de un puntero NULL en las funciones process_pragma, search_pragma_list, y nasm_set_limit cuando "%pragma limit" es manejado inapropiadamente. • https://bugzilla.nasm.us/show_bug.cgi?id=3392576 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-7147
https://notcve.org/view.php?id=CVE-2019-7147
29 Jan 2019 — A buffer over-read exists in the function crc64ib in crc64.c in nasmlib in Netwide Assembler (NASM) 2.14rc16. A crafted asm input can cause segmentation faults, leading to denial-of-service. Existe una sobrelectura de búfer en Netwide Assembler (NASM) 2.14rc16 en la función crc64ib en nasmlib. Una entrada asm manipulada puede causar fallos de segmentación, conduciendo a una denegación de servicio (DoS). • https://bugzilla.nasm.us/show_bug.cgi?id=3392544 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-6290
https://notcve.org/view.php?id=CVE-2019-6290
15 Jan 2019 — An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '{' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file. Se ha descubierto un problema de recursión en eval.c en Netwide Assembler (NASM) hasta la versión 2.14.02. Hay un problema de agotamiento de... • https://bugzilla.nasm.us/show_bug.cgi?id=3392548 • CWE-674: Uncontrolled Recursion •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-6291
https://notcve.org/view.php?id=CVE-2019-6291
15 Jan 2019 — An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself in certain scenarios involving lots of '!' or '+' or '-' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file. Se ha descubierto un problema en la función expr6 en eval.c en Netwide Assembler (NASM) hasta la versión 2.14.02. • https://bugzilla.nasm.us/show_bug.cgi?id=3392549 • CWE-674: Uncontrolled Recursion •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20535
https://notcve.org/view.php?id=CVE-2018-20535
28 Dec 2018 — There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during a line-number increment attempt. Hay un uso de memoria previamente liberada en asm/preproc.c (función pp_getline) en Netwide Assembler (NASM) 2.14rc16 que provocará una denegación de servicio (DoS) durante un intento de incremento de línea y número. • https://bugzilla.nasm.us/show_bug.cgi?id=3392530 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20538
https://notcve.org/view.php?id=CVE-2018-20538
28 Dec 2018 — There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during certain finishes tests. Hay un uso de memoria previamente liberada en asm/preproc.c (función pp_getline) en Netwide Assembler (NASM) 2.14rc16 que provocará una denegación de servicio (DoS) durante ciertas pruebas de finalización. • https://bugzilla.nasm.us/show_bug.cgi?id=3392531 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-19209
https://notcve.org/view.php?id=CVE-2018-19209
12 Nov 2018 — Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in the function find_label in asm/labels.c that will lead to a DoS attack. Netwide Assembler (NASM) 2.14rc15 tiene una desreferencia de puntero NULL en la función find_label en asm/labels.c que conducirá a un ataque de denegación de servicio (DoS). • https://bugzilla.suse.com/show_bug.cgi?id=1115797 • CWE-476: NULL Pointer Dereference •