Netwide Assembler
by Nasm
Source repositories
CVEs (28)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-8843 | Med | 0.34 | 5.3 | 0.00 | Aug 11, 2025 | A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public… | ||
| CVE-2025-8842 | Med | 0.34 | 5.3 | 0.00 | Aug 11, 2025 | A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be… | ||
| CVE-2025-8844 | Low | 0.21 | 3.3 | 0.00 | Aug 11, 2025 | A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parse_smacro_template of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the… | ||
| CVE-2008-2719 | 0.04 | — | 0.10 | Jun 16, 2008 | Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow. | |||
| CVE-2004-1287 | 0.04 | — | 0.18 | Jan 10, 2005 | Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194. | |||
| CVE-2020-21528 | 0.00 | — | 0.00 | Aug 22, 2023 | A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file. | |||
| CVE-2020-18974 | 0.00 | — | 0.01 | Aug 25, 2021 | Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147. | |||
| CVE-2008-7177 | 0.00 | — | 0.02 | Sep 8, 2009 | Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719. |
- risk 0.34cvss 5.3epss 0.00
A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public…
- risk 0.34cvss 5.3epss 0.00
A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be…
- risk 0.21cvss 3.3epss 0.00
A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parse_smacro_template of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the…
- CVE-2008-2719Jun 16, 2008risk 0.04cvss —epss 0.10
Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow.
- CVE-2004-1287Jan 10, 2005risk 0.04cvss —epss 0.18
Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194.
- CVE-2020-21528Aug 22, 2023risk 0.00cvss —epss 0.00
A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file.
- CVE-2020-18974Aug 25, 2021risk 0.00cvss —epss 0.01
Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147.
- CVE-2008-7177Sep 8, 2009risk 0.00cvss —epss 0.02
Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719.
Page 2 of 2