VYPR

Vendor CVEs

yasm

All CVEs

36 total · sorted by risk
  • CVE-2023-31724HigMay 17, 2023
    risk 0.51cvss 7.8epss 0.00

    yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the function do_directive at /nasm/nasm-pp.c.

  • CVE-2023-51258MedJan 18, 2024
    risk 0.36cvss 5.5epss 0.00

    A memory leak issue discovered in YASM v.1.3.0 allows a local attacker to cause a denial of service via the new_Token function in the modules/preprocs/nasm/nasm-pp:1512.

  • CVE-2023-49558MedJan 3, 2024
    risk 0.36cvss 5.5epss 0.00

    An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expand_mmac_params function in the modules/preprocs/nasm/nasm-pp.c component.

  • CVE-2023-49557MedJan 3, 2024
    risk 0.36cvss 5.5epss 0.00

    An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the yasm_section_bcs_first function in the libyasm/section.c component.

  • CVE-2023-49556MedJan 3, 2024
    risk 0.36cvss 5.5epss 0.00

    Buffer Overflow vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expr_delete_term function in the libyasm/expr.c component.

  • CVE-2023-49555MedJan 3, 2024
    risk 0.36cvss 5.5epss 0.00

    An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expand_smacro function in the modules/preprocs/nasm/nasm-pp.c component.

  • CVE-2023-49554MedJan 3, 2024
    risk 0.36cvss 5.5epss 0.00

    Use After Free vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the do_directive function in the modules/preprocs/nasm/nasm-pp.c component.

  • CVE-2023-37732MedJul 26, 2023
    risk 0.36cvss 5.5epss 0.00

    Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file.

  • CVE-2023-31725MedMay 17, 2023
    risk 0.36cvss 5.5epss 0.00

    yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free via the function expand_mmac_params at yasm/modules/preprocs/nasm/nasm-pp.c.

  • CVE-2023-31723MedMay 17, 2023
    risk 0.36cvss 5.5epss 0.00

    yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the function expand_mmac_params at /nasm/nasm-pp.c.

  • CVE-2023-31973MedMay 9, 2023
    risk 0.36cvss 5.5epss 0.00

    yasm v1.3.0 was discovered to contain a use after free via the function expand_mmac_params at /nasm/nasm-pp.c. Note: Multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy.

  • CVE-2023-31974MedMay 9, 2023
    risk 0.36cvss 5.5epss 0.00

    yasm v1.3.0 was discovered to contain a use after free via the function error at /nasm/nasm-pp.c. Note: Multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy.

  • CVE-2023-31972MedMay 9, 2023
    risk 0.36cvss 5.5epss 0.00

    yasm v1.3.0 was discovered to contain a use after free via the function pp_getline at /nasm/nasm-pp.c. Note: Multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy.

  • CVE-2023-30402MedApr 25, 2023
    risk 0.36cvss 5.5epss 0.00

    YASM v1.3.0 was discovered to contain a heap overflow via the function handle_dot_label at /nasm/nasm-token.re. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code.

  • CVE-2023-29583MedApr 24, 2023
    risk 0.36cvss 5.5epss 0.00

    yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr5 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted…

  • CVE-2023-29582MedApr 24, 2023
    risk 0.36cvss 5.5epss 0.00

    yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr1 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted…

  • CVE-2023-29579MedApr 24, 2023
    risk 0.36cvss 5.5epss 0.00

    yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the component yasm/yasm+0x43b466 in vsprintf. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted…

  • CVE-2023-29581MedApr 12, 2023
    risk 0.36cvss 5.5epss 0.00

    yasm 1.3.0.55.g101bc has a segmentation violation in the function delete_Token at modules/preprocs/nasm/nasm-pp.c. NOTE: although a libyasm application could become unavailable if this were exploited, the vendor's position is that there is no security relevance because there is…

  • CVE-2023-29580MedApr 12, 2023
    risk 0.36cvss 5.5epss 0.00

    yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the component yasm_expr_create at /libyasm/expr.c.

  • CVE-2021-33468MedJul 26, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in yasm version 1.3.0. There is a use-after-free in error() in modules/preprocs/nasm/nasm-pp.c.

  • CVE-2021-33467MedJul 26, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in yasm version 1.3.0. There is a use-after-free in pp_getline() in modules/preprocs/nasm/nasm-pp.c.

  • CVE-2021-33466MedJul 26, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expand_smacro() in modules/preprocs/nasm/nasm-pp.c.

  • CVE-2021-33465MedJul 26, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expand_mmacro() in modules/preprocs/nasm/nasm-pp.c.

  • CVE-2021-33464MedJul 26, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in yasm version 1.3.0. There is a heap-buffer-overflow in inc_fopen() in modules/preprocs/nasm/nasm-pp.c.

  • CVE-2021-33463MedJul 26, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasm_expr__copy_except() in libyasm/expr.c.

  • CVE-2021-33462MedJul 26, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in yasm version 1.3.0. There is a use-after-free in expr_traverse_nodes_post() in libyasm/expr.c.

  • CVE-2021-33461MedJul 26, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in yasm version 1.3.0. There is a use-after-free in yasm_intnum_destroy() in libyasm/intnum.c.

  • CVE-2021-33460MedJul 26, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in if_condition() in modules/preprocs/nasm/nasm-pp.c.

  • CVE-2021-33459MedJul 26, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in nasm_parser_directive() in modules/parsers/nasm/nasm-parse.c.

  • CVE-2021-33458MedJul 26, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in find_cc() in modules/preprocs/nasm/nasm-pp.c.

  • CVE-2021-33457MedJul 26, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expand_mmac_params() in modules/preprocs/nasm/nasm-pp.c.

  • CVE-2021-33456MedJul 26, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in hash() in modules/preprocs/nasm/nasm-pp.c.

  • CVE-2021-33455MedJul 26, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in do_directive() in modules/preprocs/nasm/nasm-pp.c.

  • CVE-2021-33454MedJul 26, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasm_expr_get_intnum() in libyasm/expr.c.

  • CVE-2024-22653MedMay 29, 2025
    risk 0.31cvss 4.8epss 0.00

    yasm commit 9defefae was discovered to contain a NULL pointer dereference via the yasm_section_bcs_append function at section.c.

  • CVE-2023-31975LowMay 9, 2023
    risk 0.21cvss 3.3epss 0.00

    yasm v1.3.0 was discovered to contain a memory leak via the function yasm_intnum_copy at /libyasm/intnum.c. Note: Multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy.