Netwide Assembler

netwide_assembler

Vendor: Nasm • 75 CVEs

CVEs (75)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-17818 2Canonical Nasm 2Netwide Assembler Ubuntu Linux May 13, 2026 Dec 21, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c.
CVE-2017-17817 2Canonical Nasm 2Netwide Assembler Ubuntu Linux May 13, 2026 Dec 21, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of service attack.
CVE-2017-17816 2Canonical Nasm 2Netwide Assembler Ubuntu Linux May 13, 2026 Dec 21, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_getline in asm/preproc.c that will cause a remote denial of service attack.
CVE-2017-17815 2Canonical Nasm 2Netwide Assembler Ubuntu Linux May 13, 2026 Dec 21, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum a...Show more In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum and maximum parameter counts.Show less
CVE-2017-17814 2Canonical Nasm 2Netwide Assembler Ubuntu Linux May 13, 2026 Dec 21, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_directive in asm/preproc.c that will cause a remote denial of service attack.
CVE-2017-17813 2Canonical Nasm 2Netwide Assembler Ubuntu Linux May 13, 2026 Dec 21, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the pp_list_one_macro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors.
CVE-2017-17812 2Canonical Nasm 2Netwide Assembler Ubuntu Linux May 13, 2026 Dec 21, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read in the function detoken() in asm/preproc.c that will cause a remote denial of service attack.
CVE-2017-17811 2Canonical Nasm 2Netwide Assembler Ubuntu Linux May 13, 2026 Dec 21, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in paste_tokens in asm/preproc.c, a similar issue to CVE-2017-11111.
CVE-2017-17810 2Canonical Nasm 2Netwide Assembler Ubuntu Linux May 13, 2026 Dec 21, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown address" that will cause a remote denial of service attack, because asm/preproc.c mishandles macro calls that have the wrong number of arguments.
CVE-2017-14228 2Canonical Nasm 2Netwide Assembler Ubuntu Linux May 13, 2026 Sep 9, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function paste_tokens() in preproc.c, aka a NULL pointer dereference. It will lead to remote denial of service.
CVE-2017-11111 2Canonical Nasm 2Netwide Assembler Ubuntu Linux May 13, 2026 Jul 8, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
CVE-2017-10686 2Canonical Nasm 2Netwide Assembler Ubuntu Linux May 13, 2026 Jun 29, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is allocated in the token() function and freed in the detoken() function (called by pp_getlin...Show more In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is allocated in the token() function and freed in the detoken() function (called by pp_getline()) - it is used again at multiple positions later that could cause multiple damages. For example, it causes a corrupted double-linked list in detoken(), a double free or corruption in delete_Token(), and an out-of-bounds write in detoken(). It has a high possibility to lead to a remote code execution attack.Show less
CVE-2008-7177 1Nasm 1Netwide Assembler Apr 23, 2026 Sep 8, 2009 N/A· v4 N/A· v3 9.3 HIGH· v2 Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719.
CVE-2008-2719 1Nasm 1Netwide Assembler Apr 23, 2026 Jun 16, 2008 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that tri...Show more Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow.Show less
CVE-2004-1287 1Nasm 1Netwide Assembler Apr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194.

Previous 1 2 34