Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nasm vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-17817
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of service attack.
Nasm Netwide Assembler 2.14
Canonical Ubuntu Linux 14.04
5.5
CVSSv3
CVE-2017-17819
In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc() in asm/preproc.c that will cause a remote denial of service attack, because pointers associated with skip_white_ calls are not validated.
Nasm Netwide Assembler 2.14
Canonical Ubuntu Linux 14.04
7.8
CVSSv3
CVE-2017-11111
In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
Nasm Netwide Assembler 2.14
Canonical Ubuntu Linux 14.04
7.8
CVSSv3
CVE-2017-10686
In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is allocated in the token() function and freed in the detoken() function (called by pp_getline()) - it is used again at multiple positions later that cou...
Nasm Netwide Assembler 2.14
Canonical Ubuntu Linux 14.04
7.8
CVSSv3
CVE-2018-19216
Netwide Assembler (NASM) prior to 2.13.02 has a use-after-free in detoken at asm/preproc.c.
Nasm Netwide Assembler
Debian Debian Linux 9.0
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2018-19214
Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input.
Nasm Netwide Assembler 12.14
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 7.0
7.8
CVSSv3
CVE-2018-19215
Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters.
Nasm Netwide Assembler 12.14
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
NA
CVE-2005-1194
Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and previous versions allows malicious users to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287.
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 3.0
Redhat Enterprise Linux Desktop 4.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux Desktop 3.0
5.5
CVSSv3
CVE-2021-33459
An issue exists in yasm version 1.3.0. There is a NULL pointer dereference in nasm_parser_directive() in modules/parsers/nasm/nasm-parse.c.
Tortall Yasm 1.3.0
5.5
CVSSv3
CVE-2023-31723
yasm 1.3.0.55.g101bc exists to contain a segmentation violation via the function expand_mmac_params at /nasm/nasm-pp.c.
Yasm Project Yasm 1.3.0.55.g101bc
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »