CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-29654
https://notcve.org/view.php?id=CVE-2022-29654
22 Aug 2023 — Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file. La vulnerabilidad de desbordamiento de búfer en quote_for_pmake en asm/nasm.c en nasm antes de 2.15.05 permite a los atacantes provocar una denegación de servicio a través de un archivo diseñado. • https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-44370 – Gentoo Linux Security Advisory 202312-09
https://notcve.org/view.php?id=CVE-2022-44370
29 Mar 2023 — NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856 Multiple vulnerabilities have been discovered in NASM, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 2.16.01 are affected. • https://bugzilla.nasm.us/show_bug.cgi?id=3392815 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2020-18974
https://notcve.org/view.php?id=CVE-2020-18974
25 Aug 2021 — Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147. Un desbordamiento del búfer en Netwide Assembler (NASM) versión v2.15.xx, permite a atacantes causar una denegación de servicio por medio de "crc64i" en el componente "nasmlib/crc64". Este problema es diferente de CVE-2019-7147. • https://bugzilla.nasm.us/show_bug.cgi?id=3392568 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-24978
https://notcve.org/view.php?id=CVE-2020-24978
03 Sep 2020 — In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline asm/preproc.c. This is fixed in commit 8806c3ca007b84accac21dd88b900fb03614ceb7. En NASM versión 2.15.04rc3, se presenta una vulnerabilidad de doble liberación en el archivo pp_tokline asm/preproc.c. Esto es corregido en el commit 8806c3ca007b84accac21dd88b900fb03614ceb7 • https://bugzilla.nasm.us/show_bug.cgi?id=3392712 • CWE-415: Double Free •