Nasm

Netwide Assembler

75 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2026-6069

Exploit
  • EPSS 0.02%
  • Veröffentlicht 10.04.2026 13:30:48
  • Zuletzt bearbeitet 16.04.2026 19:48:48

NASM’s disasm() function contains a stack based buffer overflow when formatting disassembly output, allowing an attacker triggered out-of-bounds write when `slen` exceeds the buffer capacity.

6.5

CVE-2026-6068

Exploit
  • EPSS 0.04%
  • Veröffentlicht 10.04.2026 13:30:38
  • Zuletzt bearbeitet 16.04.2026 19:48:57

NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed before the pointer is used, a...

5.5

CVE-2026-6067

Exploit
  • EPSS 0.04%
  • Veröffentlicht 10.04.2026 13:30:26
  • Zuletzt bearbeitet 23.04.2026 18:34:03

A heap buffer overflow vulnerability exists in the Netwide Assembler (NASM) due to a lack of bounds checking in the obj_directive() function. This vulnerability can be exploited by a user assembling a malicious .asm file, potentially leading to heap ...

7.8

CVE-2025-8846

Exploit
  • EPSS 0.05%
  • Veröffentlicht 11.08.2025 12:32:07
  • Zuletzt bearbeitet 29.04.2026 01:00:01

A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclose...

7.8

CVE-2025-8845

Exploit
  • EPSS 0.05%
  • Veröffentlicht 11.08.2025 12:02:08
  • Zuletzt bearbeitet 29.04.2026 01:00:01

A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemble_file of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The explo...

5.5

CVE-2025-8844

Exploit
  • EPSS 0.05%
  • Veröffentlicht 11.08.2025 11:32:08
  • Zuletzt bearbeitet 29.04.2026 01:00:01

A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parse_smacro_template of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit ...

7.8

CVE-2025-8843

Exploit
  • EPSS 0.06%
  • Veröffentlicht 11.08.2025 11:02:09
  • Zuletzt bearbeitet 29.04.2026 01:00:01

A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has ...

7.8

CVE-2025-8842

Exploit
  • EPSS 0.05%
  • Veröffentlicht 11.08.2025 10:32:09
  • Zuletzt bearbeitet 29.04.2026 01:00:01

A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclos...

5.5

CVE-2023-38667

Exploit
  • EPSS 0.02%
  • Veröffentlicht 22.08.2023 19:16:39
  • Zuletzt bearbeitet 21.11.2024 08:14:00

Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service.

5.5

CVE-2023-38665

Exploit
  • EPSS 0.04%
  • Veröffentlicht 22.08.2023 19:16:39
  • Zuletzt bearbeitet 21.11.2024 08:14:00

Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows attackers to cause a denial of service (crash).