Nasm

nasm

75 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Netwide Assembler

netwide_assembler

75 CVEs

CVEs (75)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-6069 1Nasm 1Netwide Assembler Apr 16, 2026 Apr 10, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 NASM’s disasm() function contains a stack based buffer overflow when formatting disassembly output, allowing an attacker triggered out-of-bounds write when `slen` exceeds the buffer capacity.
CVE-2026-6068 1Nasm 1Netwide Assembler May 26, 2026 Apr 10, 2026 N/A· v4 9.6 CRITICAL· v3 N/A· v2 NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed...Show more NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or remote code execution.Show less
CVE-2026-6067 1Nasm 1Netwide Assembler Apr 23, 2026 Apr 10, 2026 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A heap buffer overflow vulnerability exists in the Netwide Assembler (NASM) due to a lack of bounds checking in the obj_directive() function. This vulnerability can be exploited by a user assembling a malicious .asm file...Show more A heap buffer overflow vulnerability exists in the Netwide Assembler (NASM) due to a lack of bounds checking in the obj_directive() function. This vulnerability can be exploited by a user assembling a malicious .asm file, potentially leading to heap memory corruption, denial of service (crash), and arbitrary code execution.Show less
CVE-2025-8846 1Nasm 1Netwide Assembler Apr 29, 2026 Aug 11, 2025 1.9 LOW· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally....Show more A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-8845 1Nasm 1Netwide Assembler Apr 29, 2026 Aug 11, 2025 1.9 LOW· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemble_file of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attac...Show more A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemble_file of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-8844 1Nasm 1Netwide Assembler Apr 29, 2026 Aug 11, 2025 1.9 LOW· v4 5.5 MEDIUM· v3 1.7 LOW· v2 A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parse_smacro_template of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally...Show more A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parse_smacro_template of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-8843 1Nasm 1Netwide Assembler Apr 29, 2026 Aug 11, 2025 1.9 LOW· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach...Show more A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-8842 1Nasm 1Netwide Assembler Apr 29, 2026 Aug 11, 2025 1.9 LOW· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally...Show more A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.Show less
CVE-2023-38668 1Nasm 1Netwide Assembler Nov 21, 2024 Aug 22, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Stack-based buffer over-read in disasm in nasm 2.16 allows attackers to cause a denial of service (crash).
CVE-2023-38667 1Nasm 1Netwide Assembler Nov 21, 2024 Aug 22, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service.
CVE-2023-38665 1Nasm 1Netwide Assembler Nov 21, 2024 Aug 22, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows attackers to cause a denial of service (crash).
CVE-2022-29654 1Nasm 1Netwide Assembler Nov 21, 2024 Aug 22, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file.
CVE-2020-21687 1Nasm 1Netwide Assembler Nov 21, 2024 Aug 22, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file.
CVE-2020-21686 1Nasm 1Netwide Assembler Nov 21, 2024 Aug 22, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file.
CVE-2020-21685 1Nasm 1Netwide Assembler Nov 21, 2024 Aug 22, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Buffer Overflow vulnerability in hash_findi function in hashtbl.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file.
CVE-2020-21528 1Nasm 1Netwide Assembler Nov 21, 2024 Aug 22, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file.
CVE-2020-18780 1Nasm 1Netwide Assembler Nov 21, 2024 Aug 22, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A Use After Free vulnerability in function new_Token in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of service via crafted nasm command.
CVE-2023-31722 1Nasm 1Netwide Assembler Jan 22, 2025 May 17, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891).
CVE-2022-44370 1Nasm 1Netwide Assembler Nov 21, 2024 Mar 29, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856
CVE-2022-44369 1Nasm 1Netwide Assembler Feb 18, 2025 Mar 29, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 NASM 2.16 (development) is vulnerable to 476: Null Pointer Dereference via output/outaout.c.

12 3 4 Next