Nasm » Netwide Assembler : Security Vulnerabilities, CVEs, (Denial of service)
Stack-based buffer over-read in disasm in nasm 2.16 allows attackers to cause a denial of service (crash).
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-08-22
Updated
2023-08-28
Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-08-22
Updated
2023-08-28
Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows attackers to cause a denial of service (crash).
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-08-22
Updated
2023-08-26
Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-08-22
Updated
2023-08-25
Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file.
Max CVSS
5.5
EPSS Score
0.07%
Published
2023-08-22
Updated
2023-08-25
A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file.
Max CVSS
5.5
EPSS Score
0.07%
Published
2023-08-22
Updated
2023-08-25
Buffer Overflow vulnerability in hash_findi function in hashtbl.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file.
Max CVSS
5.5
EPSS Score
0.07%
Published
2023-08-22
Updated
2023-08-25
A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file.
Max CVSS
5.5
EPSS Score
0.07%
Published
2023-08-22
Updated
2023-12-22
Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147.
Max CVSS
4.3
EPSS Score
0.06%
Published
2021-08-25
Updated
2021-09-14
A Use After Free vulnerability in function new_Token in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of service via crafted nasm command.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-08-22
Updated
2023-08-25
A buffer over-read exists in the function crc64ib in crc64.c in nasmlib in Netwide Assembler (NASM) 2.14rc16. A crafted asm input can cause segmentation faults, leading to denial-of-service.
Max CVSS
5.5
EPSS Score
0.06%
Published
2019-01-29
Updated
2020-08-24
An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself in certain scenarios involving lots of '!' or '+' or '-' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file.
Max CVSS
5.5
EPSS Score
0.08%
Published
2019-01-15
Updated
2020-08-24
An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '{' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file.
Max CVSS
5.5
EPSS Score
0.08%
Published
2019-01-15
Updated
2020-08-24
There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during certain finishes tests.
Max CVSS
5.5
EPSS Score
0.06%
Published
2018-12-28
Updated
2019-01-10
There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during a line-number increment attempt.
Max CVSS
5.5
EPSS Score
0.07%
Published
2018-12-28
Updated
2019-01-18
There is an illegal address access at asm/preproc.c (function: is_mmacro) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service (out-of-bounds array access) because a certain conversion can result in a negative integer.
Max CVSS
5.5
EPSS Score
0.06%
Published
2018-11-30
Updated
2018-12-21
Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may lead to DoS, related to nasm_malloc in nasmlib/malloc.c.
Max CVSS
5.5
EPSS Score
0.05%
Published
2018-11-12
Updated
2019-10-03
Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in the function find_label in asm/labels.c that will lead to a DoS attack.
Max CVSS
5.5
EPSS Score
0.06%
Published
2018-11-12
Updated
2018-12-13
Netwide Assembler (NASM) 2.14rc15 has an invalid memory write (segmentation fault) in expand_smacro in preproc.c, which allows attackers to cause a denial of service via a crafted input file.
Max CVSS
5.5
EPSS Score
0.18%
Published
2018-09-13
Updated
2020-07-13
asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file.
Max CVSS
5.5
EPSS Score
0.20%
Published
2018-09-06
Updated
2020-11-10
Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Remote attackers could leverage this vulnerability to cause a denial of service or possibly have unspecified other impact via a crafted ELF file.
Max CVSS
7.8
EPSS Score
0.52%
Published
2018-04-21
Updated
2020-07-13
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c that will lead to a remote denial of service attack, related to mishandling of operand-type errors.
Max CVSS
5.5
EPSS Score
0.08%
Published
2017-12-21
Updated
2022-08-02
In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc() in asm/preproc.c that will cause a remote denial of service attack, because pointers associated with skip_white_ calls are not validated.
Max CVSS
5.5
EPSS Score
0.38%
Published
2017-12-21
Updated
2022-08-02
In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c.
Max CVSS
7.5
EPSS Score
0.13%
Published
2017-12-21
Updated
2019-10-03
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of service attack.
Max CVSS
5.5
EPSS Score
0.08%
Published
2017-12-21
Updated
2022-08-02