CVE-2026-6069

all versions

NASM’s disasm() function contains a stack based buffer overflow when formatting disassembly output, allowing an attacker trigger

7.5HIGH

CVE-2026-6068

all versions

NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is sto

9.6CRITICAL

CVE-2026-6067

all versions

A heap buffer overflow vulnerability exists in the Netwide Assembler (NASM) due to a lack of bounds checking in the obj_directive(

5.5MEDIUM

CVE-2025-8846

all versions

A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The man

5.3MEDIUM

CVE-2025-8845

all versions

A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemble_file of the file nasm.c.

5.3MEDIUM

CVE-2025-8844

all versions

A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parse_smacro_template of

3.3LOW

CVE-2025-8843

all versions

A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c.

5.3MEDIUM

CVE-2025-8842

all versions

A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file p

5.3MEDIUM

CVE-2023-38668

all versions

Stack-based buffer over-read in disasm in nasm 2.16 allows attackers to cause a denial of service (crash).

5.5MEDIUM

CVE-2023-38667

all versions

Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service.

5.5MEDIUM

CVE-2023-38665

all versions

Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows attackers to cause a denial of service (crash).

5.5MEDIUM

CVE-2022-29654

< 2.15.05

Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of servic

5.5MEDIUM

CVE-2020-21687

all versions

Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2.15rc0 allows remote attackers to cause a denial of service v

5.5MEDIUM

CVE-2020-21686

< 2.15.04

A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before 2.15.04 allows remote attacker

5.5MEDIUM

CVE-2020-21685

all versions

Buffer Overflow vulnerability in hash_findi function in hashtbl.c in nasm 2.15rc0 allows remote attackers to cause a denial of ser

5.5MEDIUM

CVE-2020-21528

all versions

A Segmentation Fault issue discovered in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to

5.5MEDIUM

CVE-2020-18780

all versions

A Use After Free vulnerability in function new_Token in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of servic

5.5MEDIUM

CVE-2023-31722

all versions

There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891).

7.8HIGH

CVE-2022-44370

< 2.16

NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856

7.8HIGH

CVE-2022-44369

all versions

NASM 2.16 (development) is vulnerable to 476: Null Pointer Dereference via output/outaout.c.

5.5MEDIUM

CVE-2022-44368

all versions

NASM v2.16 was discovered to contain a null pointer deference in the NASM component

5.5MEDIUM

CVE-2022-46457

all versions

NASM v2.16 was discovered to contain a segmentation violation in the component ieee_write_file at /output/outieee.c.

5.5MEDIUM

CVE-2022-46456

all versions

NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c.

6.1MEDIUM

CVE-2022-41420

all versions

nasm v2.16 was discovered to contain a stack overflow in the Ndisasm component

5.5MEDIUM

CVE-2021-33452

all versions

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_malloc() in nasmlib/alloc.c.

5.5MEDIUM

CVE-2021-33450

all versions

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_calloc() in nasmlib/alloc.c.

5.5MEDIUM

CVE-2021-45257

all versions

An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens function.

5.5MEDIUM

CVE-2021-45256

all versions

A Null Pointer Dereference vulnerability existfs in nasm 2.16rc0 via asm/preproc.c.

5.5MEDIUM

CVE-2020-18974

>= 2.15 and <= 2.15.05

Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component '

3.3LOW

CVE-2020-24978

all versions

In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline asm/preproc.c. This is fixed in commit 8806c3ca007b84accac2

9.8CRITICAL

CVE-2020-24242

all versions

In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_text in asm/preproc.c by accessing READ memory.

5.5MEDIUM

CVE-2020-24241

all versions

In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in saa_wbytes in nasmlib/saa.c.

5.5MEDIUM

CVE-2019-20352

all versions

In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occurs (via a crafted .asm file) in set_text_free when called f

7.1HIGH

CVE-2019-20334

all versions

In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# functions in asm/eval.c. This potentially affects the relat

5.5MEDIUM

CVE-2019-14248

>= 2.14 and <= 2.14.02

In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows a NULL pointer dereference in process_pragma, search_pragma_

5.5MEDIUM

CVE-2019-8343

all versions

In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens in asm/preproc.c.

7.8HIGH

CVE-2019-7147

all versions

A buffer over-read exists in the function crc64ib in crc64.c in nasmlib in Netwide Assembler (NASM) 2.14rc16. A crafted asm input

5.5MEDIUM

CVE-2019-6291

<= 2.14.02

An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion p

5.5MEDIUM

CVE-2019-6290

<= 2.14.02

An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion prob

5.5MEDIUM

CVE-2018-20538

all versions

There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of

5.5MEDIUM

CVE-2018-20535

all versions

There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of

5.5MEDIUM

CVE-2018-1000886

all versions

nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/stdscan.c:130 that can result in Stack-overflow caus

5.5MEDIUM

CVE-2018-19755

all versions

There is an illegal address access at asm/preproc.c (function: is_mmacro) in Netwide Assembler (NASM) 2.14rc16 that will cause a d

5.5MEDIUM

CVE-2018-19216

< 2.13.02

Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c.

7.8HIGH

CVE-2018-19215

all versions

Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases o

7.8HIGH

CVE-2018-19214

all versions

Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input.

7.8HIGH

CVE-2018-19213

all versions

Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may lead to DoS, related to nasm_malloc in nasmlib/malloc.c.

5.5MEDIUM

CVE-2018-19209

all versions

Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in the function find_label in asm/labels.c that will lead to a Do

5.5MEDIUM

CVE-2018-16999

all versions

Netwide Assembler (NASM) 2.14rc15 has an invalid memory write (segmentation fault) in expand_smacro in preproc.c, which allows att

5.5MEDIUM

CVE-2018-16517

<= 2.13.03

asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of serv

5.5MEDIUM

CVE-2018-1000667

<= 2.14.0

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a craft

5.5MEDIUM

CVE-2018-16382

all versions

Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in x86/regflags.c.

5.5MEDIUM

CVE-2018-10316

all versions

Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the assemble_file function of asm/nasm.c because of a globallineno i

5.5MEDIUM

CVE-2018-10254

all versions

Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Remote attack

7.8HIGH

CVE-2018-10016

all versions

Netwide Assembler (NASM) 2.14rc0 has a division-by-zero vulnerability in the expr5 function in asm/eval.c via a malformed input fi

5.5MEDIUM

CVE-2018-8883

all versions

Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to n

7.8HIGH

CVE-2018-8882

all versions

Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-read in the function ieee_shr in asm/float.c via a large shift

7.8HIGH

CVE-2018-8881

all versions

Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unt

7.3HIGH

CVE-2017-17820

all versions

In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c that will lead to a remote de

5.5MEDIUM

CVE-2017-17819

all versions

In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc() in asm/preproc.c that will cause

5.5MEDIUM

CVE-2017-17818

all versions

In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, rel

7.5HIGH

CVE-2017-17817

all versions

In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of se

5.5MEDIUM

CVE-2017-17816

all versions

In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_getline in asm/preproc.c that will cause a remote denial of s

5.5MEDIUM

CVE-2017-17815

all versions

In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm/preproc.c that will cause a remote d

5.5MEDIUM

CVE-2017-17814

all versions

In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_directive in asm/preproc.c that will cause a remote denial of

5.5MEDIUM

CVE-2017-17813

all versions

In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the pp_list_one_macro function in asm/preproc.c that will cause

5.5MEDIUM

CVE-2017-17812

all versions

In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read in the function detoken() in asm/preproc.c that will c

5.5MEDIUM

CVE-2017-17811

all versions

In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, rela

5.5MEDIUM

CVE-2017-17810

all versions

In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown address" that will cause a remote denial of service attack, becau

5.5MEDIUM

CVE-2017-14228

all versions

In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function paste_tokens() in preproc.c, aka a NULL po

5.5MEDIUM

CVE-2017-11111

all versions

In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers to cause a denial of service (heap-based buffer overflow an

7.8HIGH

CVE-2017-10686

all versions

In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is

7.8HIGH

CVE-2008-7177

<= 2.03.01

Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a differen

CVE-2008-2719

all versions

Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a

CVE-2004-1287

all versions

Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted a