Radare Radare2

147 matches found

added 2022/02/08 9:15 p.m., 76 views

CVE-2022-0522

Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2.

CVSS 7.1, AI score 6.4, EPSS 0.00337

added 2022/05/26 5:15 p.m., 76 views

CVE-2022-1899

Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0.

CVSS 9.1, AI score 8.4, EPSS 0.0043

added 2022/04/22 3:15 p.m., 74 views

CVE-2022-1437

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program to read data past the end of the intended buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.

CVSS 7.1, AI score 6, EPSS 0.00238

added 2019/12/05 2:15 a.m., 73 views

CVE-2019-19590

In radare2 through 4.0, there is an integer overflow for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c. This integer overflow will result in a Use-After-Free for the buffer tokens, which can be filled with arbitrary malicious data after the free. This allows remote a...

CVSS 7.8, AI score 8.1, EPSS 0.03052

added 2022/02/08 9:15 p.m., 72 views

CVE-2022-0520

Use After Free in NPM radare2.js prior to 5.6.2.

CVSS 8.8, AI score 7.6, EPSS 0.00324

added 2022/08/19 11:15 p.m., 71 views

CVE-2020-27795

A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when command "adf" has no or wrong argument, anal_fcn_data (core, input + 1) --> RAnalFunction *fcn = r_anal_get_fcn_in (core->anal, core->offset, -1); returns null pointer for fcn causing segmentatio...

CVSS 7.5, AI score 7.5, EPSS 0.0007

added 2020/07/20 6:15 p.m., 70 views

CVE-2020-15121

In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current direct...

CVSS 9.6, AI score 8.4, EPSS 0.00593

added 2020/08/11 8:15 p.m., 70 views

CVE-2020-17487

radare2 4.5.0 misparses signature information in PE files, causing a segmentation fault in r_x509_parse_algorithmidentifier in libr/util/x509.c. This is due to a malformed object identifier in IMAGE_DIRECTORY_ENTRY_SECURITY.

CVSS 7.5, AI score 7.1, EPSS 0.00518

added 2022/08/19 11:15 p.m., 69 views

CVE-2020-27793

An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c. This could allow an attacker to cause a crash, and perform a denial of service attack.

CVSS 7.5, AI score 7.4, EPSS 0.00079

added 2021/05/14 1:15 p.m., 68 views

CVE-2021-32613

In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS.

CVSS 5.5, AI score 5.4, EPSS 0.00351

added 2024/03/14 10:15 p.m., 65 views

CVE-2024-26475

An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the grub_sfs_read_extent function.

CVSS 5.5, AI score 6.5, EPSS 0.00057

added 2020/08/03 4:15 p.m., 62 views

CVE-2020-16269

radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parse_typedef in type_dwarf.c via a malformed DW_AT_name in the .debug_info section.

CVSS 5.5, AI score 6, EPSS 0.00343

added 2025/02/28 4:15 a.m., 60 views

CVE-2025-1744

Out-of-bounds Write vulnerability in radareorg radare2 allows heap-based buffer over-read or buffer overflow. This issue affects radare2: before

CVSS 10, AI score 6.8, EPSS 0.00118

added 2018/12/25 7:29 p.m., 56 views

CVE-2018-20456

In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash in libr/util/strbuf.c via a stack-based buffer over-read) by crafting an input file, a related issue to CVE-2018-20455.

CVSS 5.5, AI score 5.3, EPSS 0.0018

added 2018/12/25 7:29 p.m., 55 views

CVE-2018-20459

In radare2 through 3.1.3, the armass_assemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service (application crash by out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing ...

CVSS 5.5, AI score 5.6, EPSS 0.00179

added 2017/11/01 5:29 p.m., 54 views

CVE-2017-16358

In radare 2.0.1, an out-of-bounds read vulnerability exists in string_scan_range() in libr/bin/bin.c when doing a string search.

CVSS 7.8, AI score 7.4, EPSS 0.00184

added 2017/06/19 4:29 p.m., 53 views

CVE-2017-9763

The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows remote attackers to cause a denial of service (excessive stack use and application crash) via a crafted binary file, related to use of a variable-size stack array.

CVSS 7.5, AI score 7, EPSS 0.01447

added 2023/03/23 7:15 p.m., 53 views

CVE-2023-1605

Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6.

CVSS 7.5, AI score 7.5, EPSS 0.00472

added 2023/10/28 2:15 a.m., 53 views

CVE-2023-46570

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h.

CVSS 9.8, AI score 9.3, EPSS 0.00139

added 2018/12/25 7:29 p.m., 52 views

CVE-2018-20455

In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash via a stack-based buffer overflow) by crafting an input file, a related issue to CVE-2018-20456.

CVSS 5.5, AI score 5.3, EPSS 0.0018

added 2024/12/02 3:15 p.m., 52 views

CVE-2024-29645

Buffer Overflow vulnerability in radareorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the parse_die function.

CVSS 7.8, AI score 7.9, EPSS 0.00035

added 2017/04/03 5:59 a.m., 51 views

CVE-2017-6448

The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 1.2.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file.

CVSS 7.8, AI score 8, EPSS 0.00248

added 2018/12/25 7:29 p.m., 51 views

CVE-2018-20457

In radare2 through 3.1.3, the assemble function inside libr/asm/p/asm_arm_cs.c allows attackers to cause a denial-of-service (application crash via an r_num_calc out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is...

CVSS 5.5, AI score 5.6, EPSS 0.00179

added 2025/03/03 9:15 a.m., 51 views

CVE-2025-1864

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers. This issue affects radare2: before

CVSS 10, AI score 6.7, EPSS 0.00116

added 2017/07/05 12:29 p.m., 50 views

CVE-2017-10929

The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a read overflow in the grub_disk_read_...

CVSS 7.8, AI score 8, EPSS 0.00369

added 2025/02/17 6:15 a.m., 50 views

CVE-2025-1378

A vulnerability, which was classified as problematic, was found in radare2 5.9.9 33286. Affected is an unknown function in the library /libr/main/rasm2.c of the component rasm2. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to th...

CVSS 4.8, AI score 7, EPSS 0.00038

added 2018/06/13 4:29 p.m., 49 views

CVE-2018-12321

There is a heap out of bounds read in radare2 2.6.0 in java_switch_op() in libr/anal/p/anal_java.c via a crafted Java binary file.

CVSS 7.8, AI score 7.4, EPSS 0.00169

added 2018/12/25 7:29 p.m., 49 views

CVE-2018-20461

In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c allows attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a binary file.

CVSS 5.5, AI score 5.2, EPSS 0.00178

added 2018/12/04 9:29 a.m., 48 views

CVE-2018-19842

getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (stack-based buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2.

CVSS 5.5, AI score 5.4, EPSS 0.00313

added 2024/10/30 6:15 p.m., 48 views

CVE-2024-48241

An issue in radare2 v5.8.0 through v5.9.4 allows a local attacker to cause a denial of service via the __bf_div function.

CVSS 5.5, AI score 6.8, EPSS 0.00055

added 2017/02/24 4:59 a.m., 47 views

CVE-2017-6197

The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by the r_read_le32 function.

CVSS 5.5, AI score 5.2, EPSS 0.00281

added 2022/12/29 6:15 p.m., 47 views

CVE-2022-4843

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2.

CVSS 7.5, AI score 5.8, EPSS 0.00048

added 2018/12/25 7:29 p.m., 46 views

CVE-2018-20458

In radare2 prior to 3.1.1, r_bin_dyldcache_extract in libr/bin/format/mach0/dyldcache.c may allow attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting an input file.

CVSS 5.5, AI score 5.2, EPSS 0.00179

added 2019/09/23 2:15 p.m., 46 views

CVE-2019-16718

In radare2 before 3.9.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is due to an insufficient fix for CVE-2019-14745 and i...

CVSS 7.8, AI score 7.8, EPSS 0.07084

added 2023/10/20 5:15 p.m., 45 views

CVE-2023-5686

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

CVSS 8.8, AI score 6.7, EPSS 0.00049

added 2025/06/05 8:15 a.m., 45 views

CVE-2025-5646

A vulnerability has been found in Radare2 5.9.9 and classified as problematic. This vulnerability affects the function r_cons_rainbow_free in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. It is possible to launch the attack on...

CVSS 2.5, AI score 3.6, EPSS 0.00029

added 2017/03/02 1:59 a.m., 44 views

CVE-2017-6415

The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DEX file.

CVSS 5.5, AI score 5.3, EPSS 0.00231

added 2024/12/17 10:15 p.m., 44 views

CVE-2024-29646

Buffer Overflow vulnerability in radareorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the name, type, or group fields.

CVSS 9.8, AI score 7.5, EPSS 0.00434

added 2017/10/16 10:29 p.m., 43 views

CVE-2017-15385

The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c in radare2 2.0.0 allows remote attackers to cause a denial of service (r_read_le16 invalid write and application crash) or possibly have unspecified other impact via a crafted ELF file.

CVSS 7.8, AI score 8, EPSS 0.00283

added 2017/10/27 6:29 p.m., 43 views

CVE-2017-15932

In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c via crafted ELF files when parsing the ELF version on 32bit systems.

CVSS 7.8, AI score 7.5, EPSS 0.00206

added 2018/07/12 8:29 p.m., 43 views

CVE-2018-14016

The r_bin_mdmp_init_directory_entry function in mdmp.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Mini Crash Dump file.

CVSS 5.5, AI score 5.4, EPSS 0.00226

added 2025/06/05 8:15 a.m., 43 views

CVE-2025-5645

A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. Attacking locally is a requirement. The complexity of...

CVSS 2.5, AI score 3.9, EPSS 0.00029

added 2025/06/05 9:15 a.m., 43 views

CVE-2025-5648

A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The complexit...

CVSS 2.5, AI score 7.1, EPSS 0.00029

added 2017/10/16 1:29 a.m., 42 views

CVE-2017-15368

The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted WASM file that triggers an incorrect r_hex_bin2str call.

CVSS 7.8, AI score 6.8, EPSS 0.00237

added 2017/06/26 8:29 p.m., 42 views

CVE-2017-9949

The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer underflow in fs/ext2.c in G...

CVSS 7.8, AI score 8, EPSS 0.00338

added 2018/04/17 8:29 p.m., 42 views

CVE-2018-10186

In radare2 2.5.0, there is a heap-based buffer over-read in the r_hex_bin2str function (libr/util/hex.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. This issue is different from CVE-2017-15368.

CVSS 5.5, AI score 5.8, EPSS 0.00237

added 2018/05/22 7:29 p.m., 42 views

CVE-2018-11380

The parse_import_ptr() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted Mach-O file.

CVSS 5.5, AI score 5.4, EPSS 0.00248

added 2018/09/12 4:29 p.m., 42 views

CVE-2018-15834

In radare2 before 2.9.0, a heap overflow vulnerability exists in the read_module_referenced_functions function in libr/anal/flirt.c via a crafted flirt signature file.

CVSS 5.5, AI score 5.5, EPSS 0.00146

added 2025/06/05 7:15 a.m., 42 views

CVE-2025-5644

A vulnerability, which was classified as problematic, has been found in Radare2 5.9.9. Affected by this issue is the function r_cons_flush in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to use after free. Local access is required to approach thi...

CVSS 2.5, AI score 3.6, EPSS 0.00025

added 2017/11/01 5:29 p.m., 41 views

CVE-2017-16357

In radare 2.0.1, a memory corruption vulnerability exists in store_versioninfo_gnu_verdef() and store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c, as demonstrated by an invalid free. This error is due to improper sh_size validation when allocating memory.

CVSS 7.8, AI score 7.7, EPSS 0.00215

Total number of security vulnerabilities: 147