6 matches found
CVE-2018-11377
The avropanalyze function in radare2 2.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted binary file...
CVE-2018-11382
The inststs function in radare2 2.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted binary file...
CVE-2018-11380
The parseimportptr function in radare2 2.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted Mach-O file...
CVE-2018-11383
The rstrbuffini function in radare2 2.5.0 allows remote attackers to cause a denial of service invalid free and application crash via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/analavr.c...
CVE-2018-11377
The avropanalyze function in radare2 2.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted binary file...
CVE-2018-10186
In radare2 2.5.0, there is a heap-based buffer over-read in the rhexbin2str function libr/util/hex.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. This issue is different from CVE-2017-15368...