Filtered by vendor Nasm
Subscriptions
Filtered by product Netwide Assembler
Subscriptions
Total
67 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-1000886 | 1 Nasm | 1 Netwide Assembler | 2024-09-17 | N/A |
| nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/stdscan.c:130 that can result in Stack-overflow caused by triggering endless macro generation, crash the program. This attack appear to be exploitable via a crafted nasm input file. | ||||
| CVE-2019-6291 | 1 Nasm | 1 Netwide Assembler | 2024-09-16 | N/A |
| An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself in certain scenarios involving lots of '!' or '+' or '-' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file. | ||||
| CVE-2018-19755 | 1 Nasm | 1 Netwide Assembler | 2024-09-16 | N/A |
| There is an illegal address access at asm/preproc.c (function: is_mmacro) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service (out-of-bounds array access) because a certain conversion can result in a negative integer. | ||||
| CVE-2019-8343 | 1 Nasm | 1 Netwide Assembler | 2024-09-16 | N/A |
| In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens in asm/preproc.c. | ||||
| CVE-2018-19213 | 1 Nasm | 1 Netwide Assembler | 2024-09-16 | N/A |
| Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may lead to DoS, related to nasm_malloc in nasmlib/malloc.c. | ||||
| CVE-2019-6290 | 1 Nasm | 1 Netwide Assembler | 2024-09-16 | N/A |
| An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '{' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file. | ||||
| CVE-2004-1287 | 2 Nasm, Redhat | 2 Netwide Assembler, Enterprise Linux | 2024-08-08 | N/A |
| Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194. | ||||
| CVE-2008-7177 | 1 Nasm | 1 Netwide Assembler | 2024-08-07 | N/A |
| Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719. | ||||
| CVE-2008-2719 | 1 Nasm | 1 Netwide Assembler | 2024-08-07 | N/A |
| Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow. | ||||
| CVE-2017-17811 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2024-08-05 | N/A |
| In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in paste_tokens in asm/preproc.c, a similar issue to CVE-2017-11111. | ||||
| CVE-2017-17819 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2024-08-05 | N/A |
| In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc() in asm/preproc.c that will cause a remote denial of service attack, because pointers associated with skip_white_ calls are not validated. | ||||
| CVE-2017-17814 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2024-08-05 | N/A |
| In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_directive in asm/preproc.c that will cause a remote denial of service attack. | ||||
| CVE-2017-17818 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2024-08-05 | N/A |
| In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c. | ||||
| CVE-2017-17820 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2024-08-05 | N/A |
| In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c that will lead to a remote denial of service attack, related to mishandling of operand-type errors. | ||||
| CVE-2017-17817 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2024-08-05 | N/A |
| In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of service attack. | ||||
| CVE-2017-17812 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2024-08-05 | N/A |
| In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read in the function detoken() in asm/preproc.c that will cause a remote denial of service attack. | ||||
| CVE-2017-17810 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2024-08-05 | N/A |
| In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown address" that will cause a remote denial of service attack, because asm/preproc.c mishandles macro calls that have the wrong number of arguments. | ||||
| CVE-2017-17815 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2024-08-05 | N/A |
| In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum and maximum parameter counts. | ||||
| CVE-2017-17816 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2024-08-05 | N/A |
| In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_getline in asm/preproc.c that will cause a remote denial of service attack. | ||||
| CVE-2017-17813 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2024-08-05 | N/A |
| In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the pp_list_one_macro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors. | ||||