Shodan
Vulnerabilities
Vulnerable Software
Nasm:  >> Netwide Assembler  Security Vulnerabilities
CVE-2018-1000667
NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..
CVSS Score
5.5
EPSS Score
0.002
Published
2018-09-06
CVE-2018-16382
Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in x86/regflags.c.
CVSS Score
5.5
EPSS Score
0.002
Published
2018-09-03
CVE-2018-10316
Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the assemble_file function of asm/nasm.c because of a globallineno integer overflow.
CVSS Score
5.5
EPSS Score
0.002
Published
2018-04-24
CVE-2018-10254
Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Remote attackers could leverage this vulnerability to cause a denial of service or possibly have unspecified other impact via a crafted ELF file.
CVSS Score
7.8
EPSS Score
0.003
Published
2018-04-21
CVE-2018-10016
Netwide Assembler (NASM) 2.14rc0 has a division-by-zero vulnerability in the expr5 function in asm/eval.c via a malformed input file.
CVSS Score
5.5
EPSS Score
0.003
Published
2018-04-11
CVE-2018-8881
Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string.
CVSS Score
7.3
EPSS Score
0.002
Published
2018-03-20
CVE-2018-8882
Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-read in the function ieee_shr in asm/float.c via a large shift value.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-03-20
CVE-2018-8883
Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to nasm_reg_flags.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-03-20
CVE-2017-17810
In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown address" that will cause a remote denial of service attack, because asm/preproc.c mishandles macro calls that have the wrong number of arguments.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-12-21
CVE-2017-17811
In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in paste_tokens in asm/preproc.c, a similar issue to CVE-2017-11111.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-12-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved