Every CVE whose affected-product data names Yasm Project Yasm, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-2023-31724 — CVSS 7.8 (high): yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the function do_directive at /nasm/nasm-pp.c.
CVE-2023-29580 — CVSS 5.5 (medium): yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the component yasm_expr_create at /libyasm/expr.c.
CVE-2023-29581 — CVSS 5.5 (medium): yasm 1.3.0.55.g101bc has a segmentation violation in the function delete_Token at modules/preprocs/nasm/nasm-pp.c. NOTE: although a libyasm…
CVE-2023-29582 — CVSS 5.5 (medium): yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr1 at /nasm/nasm-parse.c. Note: This has been…
CVE-2023-29583 — CVSS 5.5 (medium): yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr5 at /nasm/nasm-parse.c. Note: This has been…
CVE-2023-30402 — CVSS 5.5 (medium): YASM v1.3.0 was discovered to contain a heap overflow via the function handle_dot_label at /nasm/nasm-token.re. Note: This has been…
CVE-2023-31723 — CVSS 5.5 (medium): yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the function expand_mmac_params at /nasm/nasm-pp.c.
CVE-2023-31725 — CVSS 5.5 (medium): yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free via the function expand_mmac_params at yasm/modules/preprocs/nasm/nasm-…
CVE-2023-29579 — CVSS 5.5 (medium): yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the component yasm/yasm+0x43b466 in vsprintf. Note: This has been…
CVE-2023-49557 — CVSS 5.5 (medium): An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the yasm_section_bcs_first function in the…
CVE-2023-49558 — CVSS 5.5 (medium): An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expand_mmac_params function in the…
CVE-2023-37732 — CVSS 5.5 (medium): Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial…
CVE-2023-49554 — CVSS 5.5 (medium): Use After Free vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the do_directive function in…
CVE-2023-49555 — CVSS 5.5 (medium): An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expand_smacro function in the…
CVE-2023-49556 — CVSS 5.5 (medium): Buffer Overflow vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expr_delete_term…
CVE-2024-22653 — CVSS 4.8 (medium): yasm commit 9defefae was discovered to contain a NULL pointer dereference via the yasm_section_bcs_append function at section.c.
CVE-2023-31975 — CVSS 3.3 (low): yasm v1.3.0 was discovered to contain a memory leak via the function yasm_intnum_copy at /libyasm/intnum.c. Note: Multiple third parties…