CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-21686
https://notcve.org/view.php?id=CVE-2020-21686
A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file. • https://bugzilla.nasm.us/show_bug.cgi?id=3392643 • CWE-562: Return of Stack Variable Address •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-29654
https://notcve.org/view.php?id=CVE-2022-29654
Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file. La vulnerabilidad de desbordamiento de búfer en quote_for_pmake en asm/nasm.c en nasm antes de 2.15.05 permite a los atacantes provocar una denegación de servicio a través de un archivo diseñado. • https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html https://gist.github.com/naihsin/b96e2c5c2c81621b46557fd7aacd165f https://www.nasm.us/pub/nasm/releasebuilds/2.15.05 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-44370
https://notcve.org/view.php?id=CVE-2022-44370
NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856 • https://bugzilla.nasm.us/show_bug.cgi?id=3392815 https://security.gentoo.org/glsa/202312-09 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-14248
https://notcve.org/view.php?id=CVE-2019-14248
In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows a NULL pointer dereference in process_pragma, search_pragma_list, and nasm_set_limit when "%pragma limit" is mishandled. En el archivo libnasm.a en Netwide Assembler (NASM) versiones 2.14.xx, en el archivo asm/pragma.c permite una desreferencia de un puntero NULL en las funciones process_pragma, search_pragma_list, y nasm_set_limit cuando "%pragma limit" es manejado inapropiadamente. • https://bugzilla.nasm.us/show_bug.cgi?id=3392576 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-7147
https://notcve.org/view.php?id=CVE-2019-7147
A buffer over-read exists in the function crc64ib in crc64.c in nasmlib in Netwide Assembler (NASM) 2.14rc16. A crafted asm input can cause segmentation faults, leading to denial-of-service. Existe una sobrelectura de búfer en Netwide Assembler (NASM) 2.14rc16 en la función crc64ib en nasmlib. Una entrada asm manipulada puede causar fallos de segmentación, conduciendo a una denegación de servicio (DoS). • https://bugzilla.nasm.us/show_bug.cgi?id=3392544 • CWE-125: Out-of-bounds Read •