Nasm
Vulnerabilities
71
Known exploited
0
Max CVSS
9.3
Top EPSS
0.10471
Severity breakdown
Critical
1
High
4
Medium
29
Low
37
Also matched as (raw): nasm
Top vulnerabilities
CVE-2008-7177Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719.
CVE-2019-8343In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens in asm/preproc.c.
CVE-2022-44370NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856
CVE-2019-20352In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occurs (via a crafted .asm file) in set_text_free when called from expand_one_smacro in asm/preproc.c.
CVE-2018-19755There is an illegal address access at asm/preproc.c (function: is_mmacro) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service (out-of-bounds array access) because a certain conversion can result in a negative integer.
CVE-2008-2719Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow.
CVE-2019-20334In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 (and stdscan in asm/stdscan.c). This is similar to CVE-2019-6290 and CVE-2019-6291.
CVE-2022-46456NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c.
CVE-2023-38668Stack-based buffer over-read in disasm in nasm 2.16 allows attackers to cause a denial of service (crash).
CVE-2023-38667Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service.
CVE-2023-38665Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows attackers to cause a denial of service (crash).
CVE-2023-31722There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891).
CVE-2022-46457NASM v2.16 was discovered to contain a segmentation violation in the component ieee_write_file at /output/outieee.c.
CVE-2022-44369NASM 2.16 (development) is vulnerable to 476: Null Pointer Dereference via output/outaout.c.
CVE-2022-44368NASM v2.16 was discovered to contain a null pointer deference in the NASM component
CVE-2022-41420nasm v2.16 was discovered to contain a stack overflow in the Ndisasm component
CVE-2022-29654Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file.
CVE-2021-33452An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_malloc() in nasmlib/alloc.c.
CVE-2021-33450An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_calloc() in nasmlib/alloc.c.
CVE-2020-24978In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline asm/preproc.c. This is fixed in commit 8806c3ca007b84accac21dd88b900fb03614ceb7.
CVE-2020-24242In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_text in asm/preproc.c by accessing READ memory.
CVE-2020-24241In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in saa_wbytes in nasmlib/saa.c.
CVE-2020-21687Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file.
CVE-2020-21686A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file.
CVE-2020-21685Buffer Overflow vulnerability in hash_findi function in hashtbl.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file.