Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Netwide_assembler
(Nasm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 67 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-09-06 | CVE-2018-16517 | asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file. | Netwide_assembler | 5.5 | ||
| 2020-01-06 | CVE-2019-20352 | In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occurs (via a crafted .asm file) in set_text_free when called from expand_one_smacro in asm/preproc.c. | Netwide_assembler | N/A | ||
| 2018-03-20 | CVE-2018-8883 | Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to nasm_reg_flags. | Netwide_assembler | 7.8 | ||
| 2018-03-20 | CVE-2018-8882 | Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-read in the function ieee_shr in asm/float.c via a large shift value. | Netwide_assembler | 7.8 | ||
| 2018-03-20 | CVE-2018-8881 | Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string. | Ubuntu_linux, Netwide_assembler | 7.3 | ||
| 2018-11-12 | CVE-2018-19216 | Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c. | Debian_linux, Netwide_assembler | 7.8 | ||
| 2018-11-12 | CVE-2018-19215 | Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters. | Netwide_assembler, Enterprise_linux | 7.8 | ||
| 2018-11-12 | CVE-2018-19214 | Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input. | Netwide_assembler, Enterprise_linux | 7.8 | ||
| 2018-09-13 | CVE-2018-16999 | Netwide Assembler (NASM) 2.14rc15 has an invalid memory write (segmentation fault) in expand_smacro in preproc.c, which allows attackers to cause a denial of service via a crafted input file. | Netwide_assembler | 5.5 | ||
| 2018-09-03 | CVE-2018-16382 | Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in x86/regflags.c. | Netwide_assembler | 5.5 |