| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc() in asm/preproc.c that will cause a remote denial of service attack, because pointers associated with skip_white_ calls are not validated. |
| In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is allocated in the token() function and freed in the detoken() function (called by pp_getline()) - it is used again at multiple positions later that could cause multiple damages. For example, it causes a corrupted double-linked list in detoken(), a double free or corruption in delete_Token(), and an out-of-bounds write in detoken(). It has a high possibility to lead to a remote code execution attack. |
| In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_directive in asm/preproc.c that will cause a remote denial of service attack. |
| In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum and maximum parameter counts. |
| In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c that will lead to a remote denial of service attack, related to mishandling of operand-type errors. |
| NASM v2.16 was discovered to contain a segmentation violation in the component ieee_write_file at /output/outieee.c. |
| NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c. |
| NASM 2.16 (development) is vulnerable to 476: Null Pointer Dereference via output/outaout.c. |
| NASM v2.16 was discovered to contain a null pointer deference in the NASM component |
| There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891). |
| Stack-based buffer over-read in disasm in nasm 2.16 allows attackers to cause a denial of service (crash). |
| Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service. |
| Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows attackers to cause a denial of service (crash). |
| NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856 |
| nasm v2.16 was discovered to contain a stack overflow in the Ndisasm component |
| Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file. |
| An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens function. |
| A Null Pointer Dereference vulnerability existfs in nasm 2.16rc0 via asm/preproc.c. |
| An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_malloc() in nasmlib/alloc.c. |
| An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_calloc() in nasmlib/alloc.c. |
