41 matches found
Radare2 安全漏洞
Radare2 is an open-source reverse framework for Unix geeks developed by Radare. Version 5.9.9 of Radare2 contains a security vulnerability, which stems from incorrect operations on the function walkexportstrie found in the file libr/bin/format/mach0/mach0.c, potentially leading to resource...
SUSE CVE-2026-22780
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2...
CVE-2026-22780
A flaw was found in Rizin, a UNIX-like reverse engineering framework. This heap overflow vulnerability can be exploited when a user parses a malicious mach0 file that contains specially crafted entries for the dynamic linker dyld chained segments. Successful exploitation could allow a remote...
CVE-2026-22780
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2...
CVE-2026-22780 Rizin has a heap overflow on mach0_chained_fixups.c
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2...
CVE-2026-22780 Rizin has a heap overflow on mach0_chained_fixups.c
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2...
CVE-2026-22780 Rizin has a heap overflow on mach0_chained_fixups.c
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2...
CVE-2026-22780
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2...
PT-2026-5711
Name of the Vulnerable Software and Affected Versions Rizin versions prior to 0.8.2 Description Rizin, a reverse engineering framework, contains a flaw where a heap overflow can occur when processing maliciously crafted mach0 files with invalid dyld chained segment entries. This issue can be...
Rizin 安全漏洞
Rizin is a free, open-source reverse-engineering framework developed by the Rizin organization. It is used for analyzing binary files, disassembling code, debugging programs, as a forensics tool, and as a command-line hexadecimal editor capable of opening disk files. Versions of Rizin prior to...
Linux Distros Unpatched Vulnerability : CVE-2022-1240
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the...
Linux Distros Unpatched Vulnerability : CVE-2022-1649
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be...
Linux Distros Unpatched Vulnerability : CVE-2017-7946
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The getrelocs64 function in libr/bin/format/mach0/mach0.c in radare2 1.3.0 allows remote attackers to cause a denial of service use-after-free and application...
CVE-2017-7946
The getrelocs64 function in libr/bin/format/mach0/mach0.c in radare2 1.3.0 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted Mach0 file...
SUSE CVE-2022-1240
Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the rstrncpy function. Therefore I think it is very likely to be exploitable. For more general...
SUSE CVE-2022-1649
Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see CWE...
CVE-2022-1649
Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see CWE...
UBUNTU-CVE-2022-1649
Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see CWE...
CVE-2022-1649 Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in radareorg/radare2
Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see CWE...
CVE-2022-1649
Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see CWE...