Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nasm netwide assembler vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-17820
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c that will lead to a remote denial of service attack, related to mishandling of operand-type errors.
Nasm Netwide Assembler 2.14
Canonical Ubuntu Linux 14.04
5.5
CVSSv3
CVE-2017-14228
In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function paste_tokens() in preproc.c, aka a NULL pointer dereference. It will lead to remote denial of service.
Nasm Netwide Assembler 2.14
Canonical Ubuntu Linux 14.04
7.8
CVSSv3
CVE-2017-11111
In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
Nasm Netwide Assembler 2.14
Canonical Ubuntu Linux 14.04
7.3
CVSSv3
CVE-2018-8881
Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string.
Nasm Netwide Assembler 2.13.02
Canonical Ubuntu Linux 14.04
7.8
CVSSv3
CVE-2018-19216
Netwide Assembler (NASM) prior to 2.13.02 has a use-after-free in detoken at asm/preproc.c.
Nasm Netwide Assembler
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2018-19214
Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input.
Nasm Netwide Assembler 12.14
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
7.8
CVSSv3
CVE-2018-19215
Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters.
Nasm Netwide Assembler 12.14
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7