Lucene search

Radare Security Vulnerabilities

cve

CVE-2022-1244

heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.

5.5CVSS

5.3AI Score

0.001EPSS

2022-04-05 07:15 PM

cve

CVE-2022-1283

NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service (application crash).

5.5CVSS

5.3AI Score

0.001EPSS

2022-04-08 06:15 PM

cve

CVE-2022-1284

heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.

5.5CVSS

5.3AI Score

0.001EPSS

2022-04-08 07:15 PM

cve

CVE-2022-1296

Out-of-bounds read in r_bin_ne_get_relocs function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash.

9.1CVSS

8.9AI Score

0.002EPSS

2022-04-11 12:15 PM

cve

CVE-2022-1297

Out-of-bounds Read in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash.

9.1CVSS

8.9AI Score

0.002EPSS

2022-04-11 12:15 PM

cve

CVE-2022-1382

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of making the radare2 crash, thus affecting the availability of the system.

5.5CVSS

5.3AI Score

0.001EPSS

2022-04-18 01:15 AM

cve

CVE-2022-1383

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.8. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.

6.1CVSS

6.1AI Score

0.001EPSS

2022-04-18 01:15 AM

cve

CVE-2022-1437

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.

7.1CVSS

6.8AI Score

0.001EPSS

2022-04-22 03:15 PM

cve

CVE-2022-1444

heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.7.0. This vulnerability is capable of inducing denial of service.

5.5CVSS

5.3AI Score

0.001EPSS

2022-04-23 10:15 PM

cve

CVE-2022-1451

Out-of-bounds Read in r_bin_java_constant_value_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause ...

7.1CVSS

6.7AI Score

0.001EPSS

2022-04-24 09:15 PM

cve

CVE-2022-1452

Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cau...

7.1CVSS

6.7AI Score

0.001EPSS

2022-04-24 09:15 PM

cve

CVE-2022-1649

Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see CWE .

5.5CVSS

5.5AI Score

0.001EPSS

2022-05-10 05:15 PM

cve

CVE-2022-1714

Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.

7.1CVSS

6.7AI Score

0.0005EPSS

2022-05-13 03:15 PM

cve

CVE-2022-1809

Access of Uninitialized Pointer in GitHub repository radareorg/radare2 prior to 5.7.0.

7.8CVSS

7.5AI Score

0.001EPSS

2022-05-21 11:16 PM

cve

CVE-2022-1899

Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0.

9.1CVSS

9.2AI Score

0.002EPSS

2022-05-26 05:15 PM

cve

CVE-2022-28068

A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0.

7.5CVSS

7.8AI Score

0.0005EPSS

2023-08-22 07:16 PM

cve

CVE-2022-28069

A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.

7.5CVSS

7.8AI Score

0.0005EPSS

2023-08-22 07:16 PM

cve

CVE-2022-28070

A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0.

7.5CVSS

7.5AI Score

0.0005EPSS

2023-08-22 07:16 PM

cve

CVE-2022-28071

A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0.

7.5CVSS

7.6AI Score

0.0005EPSS

2023-08-22 07:16 PM

cve

CVE-2022-28072

A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0.

7.5CVSS

7.8AI Score

0.0005EPSS

2023-08-22 07:16 PM

cve

CVE-2022-28073

A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4.0.

7.5CVSS

7.6AI Score

0.0005EPSS

2023-08-22 07:16 PM

cve

CVE-2022-34502

Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary file.

5.5CVSS

5.5AI Score

0.001EPSS

2022-07-22 03:15 PM

cve

CVE-2022-34520

Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service (DOS) via a crafted binary file.

5.5CVSS

5.1AI Score

0.001EPSS

2022-07-22 03:15 PM

cve

CVE-2022-4398

Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0.

7.8CVSS

7.5AI Score

0.001EPSS

2022-12-10 08:15 PM

cve

CVE-2022-4843

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2.

7.5CVSS

7.3AI Score

0.001EPSS

2022-12-29 06:15 PM

cve

CVE-2023-0302

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2.

7.8CVSS

7.6AI Score

0.001EPSS

2023-01-15 01:15 AM

cve

CVE-2023-1605

Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6.

7.5CVSS

7.4AI Score

0.001EPSS

2023-03-23 07:15 PM

cve

CVE-2023-27114

radare2 v5.8.3 was discovered to contain a segmentation fault via the component wasm_dis at p/wasm/wasm.c.

5.5CVSS

5.5AI Score

0.001EPSS

2023-03-10 02:15 AM

cve

CVE-2023-4322

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

9.8CVSS

8.2AI Score

0.001EPSS

2023-08-14 04:15 PM

cve

CVE-2023-46569

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h.

9.8CVSS

9.3AI Score

0.001EPSS

2023-10-28 02:15 AM

cve

CVE-2023-46570

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h.

9.8CVSS

9.3AI Score

0.001EPSS

2023-10-28 02:15 AM

cve

CVE-2023-47016

radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h.

7.5CVSS

7.4AI Score

0.0005EPSS

2023-11-22 07:15 AM

cve

CVE-2023-5686

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

8.8CVSS

7AI Score

0.001EPSS

2023-10-20 05:15 PM

Total number of security vulnerabilities133