Filtered by vendor Nasm Subscriptions
Total 67 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-21685 1 Nasm 1 Netwide Assembler 2024-11-21 5.5 Medium
Buffer Overflow vulnerability in hash_findi function in hashtbl.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file.
CVE-2020-21528 1 Nasm 1 Netwide Assembler 2024-11-21 5.5 Medium
A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file.
CVE-2020-18974 1 Nasm 1 Netwide Assembler 2024-11-21 3.3 Low
Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147.
CVE-2020-18780 1 Nasm 1 Netwide Assembler 2024-11-21 5.5 Medium
A Use After Free vulnerability in function new_Token in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of service via crafted nasm command.
CVE-2019-8343 1 Nasm 1 Netwide Assembler 2024-11-21 N/A
In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens in asm/preproc.c.
CVE-2019-7147 1 Nasm 1 Netwide Assembler 2024-11-21 N/A
A buffer over-read exists in the function crc64ib in crc64.c in nasmlib in Netwide Assembler (NASM) 2.14rc16. A crafted asm input can cause segmentation faults, leading to denial-of-service.
CVE-2019-6291 1 Nasm 1 Netwide Assembler 2024-11-21 N/A
An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself in certain scenarios involving lots of '!' or '+' or '-' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file.
CVE-2019-6290 1 Nasm 1 Netwide Assembler 2024-11-21 N/A
An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '{' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file.
CVE-2019-20352 1 Nasm 1 Netwide Assembler 2024-11-21 7.1 High
In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occurs (via a crafted .asm file) in set_text_free when called from expand_one_smacro in asm/preproc.c.
CVE-2019-20334 1 Nasm 1 Netwide Assembler 2024-11-21 5.5 Medium
In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 (and stdscan in asm/stdscan.c). This is similar to CVE-2019-6290 and CVE-2019-6291.
CVE-2019-14248 1 Nasm 1 Netwide Assembler 2024-11-21 N/A
In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows a NULL pointer dereference in process_pragma, search_pragma_list, and nasm_set_limit when "%pragma limit" is mishandled.
CVE-2018-8883 1 Nasm 1 Netwide Assembler 2024-11-21 N/A
Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to nasm_reg_flags.
CVE-2018-8882 1 Nasm 1 Netwide Assembler 2024-11-21 N/A
Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-read in the function ieee_shr in asm/float.c via a large shift value.
CVE-2018-8881 2 Canonical, Nasm 2 Ubuntu Linux, Netwide Assembler 2024-11-21 N/A
Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string.
CVE-2018-20538 1 Nasm 1 Netwide Assembler 2024-11-21 N/A
There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during certain finishes tests.
CVE-2018-20535 1 Nasm 1 Netwide Assembler 2024-11-21 N/A
There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during a line-number increment attempt.
CVE-2018-19755 1 Nasm 1 Netwide Assembler 2024-11-21 N/A
There is an illegal address access at asm/preproc.c (function: is_mmacro) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service (out-of-bounds array access) because a certain conversion can result in a negative integer.
CVE-2018-19216 2 Debian, Nasm 2 Debian Linux, Netwide Assembler 2024-11-21 N/A
Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c.
CVE-2018-19215 2 Nasm, Redhat 2 Netwide Assembler, Enterprise Linux 2024-11-21 N/A
Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters.
CVE-2018-19214 2 Nasm, Redhat 2 Netwide Assembler, Enterprise Linux 2024-11-21 N/A
Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input.