VYPR

Netwide Assembler

by Nasm

Source repositories

CVEs (28)

  • CVE-2025-8843MedAug 11, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public…

  • CVE-2025-8842MedAug 11, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be…

  • CVE-2025-8844LowAug 11, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parse_smacro_template of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the…

  • CVE-2008-2719Jun 16, 2008
    risk 0.04cvss epss 0.10

    Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow.

  • CVE-2004-1287Jan 10, 2005
    risk 0.04cvss epss 0.18

    Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194.

  • CVE-2020-21528Aug 22, 2023
    risk 0.00cvss epss 0.00

    A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file.

  • CVE-2020-18974Aug 25, 2021
    risk 0.00cvss epss 0.01

    Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147.

  • CVE-2008-7177Sep 8, 2009
    risk 0.00cvss epss 0.02

    Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719.

Page 2 of 2