In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current direct...
9.6CVSS
9.2AI Score
0.013EPSS
A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing a crash.
9.1CVSS
8.9AI Score
0.001EPSS
9.8CVSS
9.4AI Score
0.002EPSS
9.8CVSS
9.3AI Score
0.003EPSS
Out-of-bounds read in r_bin_ne_get_relocs function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash.
9.1CVSS
8.9AI Score
0.002EPSS
Out-of-bounds Read in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash.
9.1CVSS
8.9AI Score
0.002EPSS
9.1CVSS
9.2AI Score
0.002EPSS
9.8CVSS
8.2AI Score
0.001EPSS
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h.
9.8CVSS
9.3AI Score
0.002EPSS
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h.
9.8CVSS
9.3AI Score
0.002EPSS