Lucene search

K
RadareRadare2

147 matches found

CVE
CVE
added 2017/03/02 1:59 a.m.41 views

CVE-2017-6387

The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DEX file.

5.5CVSS5.3AI score0.00234EPSS
CVE
CVE
added 2017/06/08 2:29 p.m.41 views

CVE-2017-9520

The r_config_set function in libr/config/config.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted DEX file.

5.5CVSS5.3AI score0.00202EPSS
CVE
CVE
added 2018/04/17 8:29 p.m.41 views

CVE-2018-10187

In radare2 2.5.0, there is a heap-based buffer over-read in the dalvik_op function (libr/anal/p/anal_dalvik.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. Note that this issue is different from CVE-2018-8809, which was patched earlier.

5.5CVSS5.2AI score0.00226EPSS
CVE
CVE
added 2018/05/22 7:29 p.m.41 views

CVE-2018-11377

The avr_op_analyze() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.

5.5CVSS5.4AI score0.00256EPSS
CVE
CVE
added 2018/07/12 8:29 p.m.41 views

CVE-2018-14017

The r_bin_java_annotation_new function in shlr/java/class.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted .class file because of missing input validation in r_bin_java_line_number_table_attr_new.

5.5CVSS5.5AI score0.00226EPSS
CVE
CVE
added 2017/10/27 6:29 p.m.40 views

CVE-2017-15931

In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c via crafted ELF files on 32bit systems.

7.8CVSS7.5AI score0.00206EPSS
CVE
CVE
added 2017/03/27 5:59 p.m.40 views

CVE-2017-7274

The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PE file.

5.5CVSS5.3AI score0.00227EPSS
CVE
CVE
added 2017/06/19 4:29 p.m.40 views

CVE-2017-9761

The find_eoq function in libr/core/cmd.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.

5.5CVSS5.3AI score0.00227EPSS
CVE
CVE
added 2018/05/22 7:29 p.m.40 views

CVE-2018-11379

The get_debug_info() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted PE file.

5.5CVSS5.4AI score0.00248EPSS
CVE
CVE
added 2018/05/22 7:29 p.m.40 views

CVE-2018-11383

The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c.

5.5CVSS5.5AI score0.00248EPSS
CVE
CVE
added 2018/07/12 8:29 p.m.40 views

CVE-2018-14015

The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file because of missing input validation in r_bin_dwarf_parse_comp_unit in libr/bin/dwarf.c.

5.5CVSS5.3AI score0.00226EPSS
CVE
CVE
added 2018/12/25 7:29 p.m.40 views

CVE-2018-20460

In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service (application crash caused by stack-based buffer overflow) by crafting an input file.

5.5CVSS5.3AI score0.00191EPSS
CVE
CVE
added 2023/08/22 7:16 p.m.40 views

CVE-2022-28073

A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4.0.

7.5CVSS7.6AI score0.00365EPSS
CVE
CVE
added 2023/03/10 2:15 a.m.40 views

CVE-2023-27114

radare2 v5.8.3 was discovered to contain a segmentation fault via the component wasm_dis at p/wasm/wasm.c.

5.5CVSS5.5AI score0.0006EPSS
CVE
CVE
added 2023/08/14 4:15 p.m.40 views

CVE-2023-4322

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

9.8CVSS8.3AI score0.00163EPSS
CVE
CVE
added 2025/06/05 7:15 a.m.40 views

CVE-2025-5641

A vulnerability was found in Radare2 5.9.9. It has been rated as problematic. This issue affects the function r_cons_is_breaked in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. It is possible to launch the attack on the local...

2.5CVSS3.6AI score0.00029EPSS
CVE
CVE
added 2025/06/05 7:15 a.m.40 views

CVE-2025-5643

A vulnerability classified as problematic was found in Radare2 5.9.9. Affected by this vulnerability is the function cons_stack_load in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The...

2.5CVSS3.8AI score0.00029EPSS
CVE
CVE
added 2025/06/05 9:15 a.m.40 views

CVE-2025-5647

A vulnerability was found in Radare2 5.9.9 and classified as problematic. This issue affects the function r_cons_context_break_pop in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. The attack needs to be approached locally. Th...

2.5CVSS3.9AI score0.00029EPSS
CVE
CVE
added 2017/04/12 3:59 p.m.39 views

CVE-2017-7716

The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.

5.5CVSS5.4AI score0.00186EPSS
CVE
CVE
added 2018/05/22 7:29 p.m.39 views

CVE-2018-11375

The _inst__lds() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.

5.5CVSS5.4AI score0.00232EPSS
CVE
CVE
added 2018/05/22 7:29 p.m.39 views

CVE-2018-11378

The wasm_dis() function in libr/asm/arch/wasm/wasm.c in or possibly have unspecified other impact via a crafted WASM file.

7.8CVSS8AI score0.00201EPSS
CVE
CVE
added 2018/05/22 7:29 p.m.39 views

CVE-2018-11381

The string_scan_range() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.

5.5CVSS5.4AI score0.00248EPSS
CVE
CVE
added 2018/12/04 9:29 a.m.39 views

CVE-2018-19843

opmov in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2.

5.5CVSS5.3AI score0.00165EPSS
CVE
CVE
added 2023/07/07 7:15 p.m.39 views

CVE-2021-32494

Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function. This allow attackers to create malicious inputs that can cause denial of service.

10CVSS7.3AI score0.00191EPSS
CVE
CVE
added 2017/04/03 5:59 a.m.38 views

CVE-2017-6194

The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file.

7.8CVSS8.2AI score0.00215EPSS
CVE
CVE
added 2017/06/19 4:29 p.m.38 views

CVE-2017-9762

The cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted binary file.

5.5CVSS5.3AI score0.00203EPSS
CVE
CVE
added 2018/05/22 7:29 p.m.38 views

CVE-2018-11384

The sh_op() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file.

5.5CVSS5.4AI score0.00248EPSS
CVE
CVE
added 2023/08/22 7:16 p.m.38 views

CVE-2022-28070

A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0.

7.5CVSS7.5AI score0.00157EPSS
CVE
CVE
added 2017/11/13 9:29 p.m.37 views

CVE-2017-16805

In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file, related to r_bin_dwarf_parse_comp_unit in dwarf.c and sdb_set_internal in shlr/sdb/src/sdb.c.

5.5CVSS5.3AI score0.00202EPSS
CVE
CVE
added 2017/04/18 8:59 p.m.37 views

CVE-2017-7946

The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 1.3.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted Mach0 file.

5.5CVSS5.3AI score0.00207EPSS
CVE
CVE
added 2018/05/22 7:29 p.m.37 views

CVE-2018-11376

The r_read_le32() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file.

5.5CVSS5.4AI score0.00248EPSS
CVE
CVE
added 2018/06/13 4:29 p.m.37 views

CVE-2018-12322

There is a heap out of bounds read in radare2 2.6.0 in _6502_op() in libr/anal/p/anal_6502.c via a crafted iNES ROM binary file.

5.5CVSS5.4AI score0.00138EPSS
CVE
CVE
added 2023/08/22 7:16 p.m.37 views

CVE-2022-28072

A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0.

7.5CVSS7.8AI score0.00441EPSS
CVE
CVE
added 2017/11/01 5:29 p.m.36 views

CVE-2017-16359

In radare 2.0.1, a pointer wraparound vulnerability exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c.

5.5CVSS5.4AI score0.00193EPSS
CVE
CVE
added 2017/04/13 4:59 p.m.36 views

CVE-2017-7854

The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.

5.5CVSS5.4AI score0.00256EPSS
CVE
CVE
added 2018/05/22 7:29 p.m.36 views

CVE-2018-11382

The _inst__sts() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.

5.5CVSS5.4AI score0.00232EPSS
CVE
CVE
added 2018/03/20 5:29 a.m.36 views

CVE-2018-8809

In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik_op function of anal_dalvik.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file.

5.5CVSS5.2AI score0.00226EPSS
CVE
CVE
added 2018/03/20 5:29 a.m.36 views

CVE-2018-8810

In radare2 2.4.0, there is a heap-based buffer over-read in the get_ivar_list_t function of mach0_classes.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted Mach-O file.

5.5CVSS5.4AI score0.00226EPSS
CVE
CVE
added 2023/08/22 7:16 p.m.36 views

CVE-2022-28069

A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.

7.5CVSS7.8AI score0.00135EPSS
CVE
CVE
added 2025/06/05 7:15 a.m.36 views

CVE-2025-5642

A vulnerability classified as problematic has been found in Radare2 5.9.9. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation leads to memory corruption. The attack needs to be approached locally. The complexity of an attack is rather...

2.5CVSS3.8AI score0.00029EPSS
CVE
CVE
added 2017/03/02 1:59 a.m.35 views

CVE-2017-6319

The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file.

7.8CVSS8.1AI score0.00292EPSS
CVE
CVE
added 2018/06/13 4:29 p.m.35 views

CVE-2018-12320

There is a use after free in radare2 2.6.0 in r_anal_bb_free() in libr/anal/bb.c via a crafted Java binary file.

7.8CVSS7.6AI score0.00169EPSS
CVE
CVE
added 2023/08/22 7:16 p.m.35 views

CVE-2022-28068

A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0.

7.5CVSS7.8AI score0.00135EPSS
CVE
CVE
added 2023/11/22 7:15 a.m.35 views

CVE-2023-47016

radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h.

7.5CVSS7.4AI score0.0018EPSS
CVE
CVE
added 2023/08/22 7:16 p.m.34 views

CVE-2022-28071

A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0.

7.5CVSS7.6AI score0.00155EPSS
CVE
CVE
added 2023/07/07 7:15 p.m.30 views

CVE-2021-32495

Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will allow attackers to cause denial of service.

10CVSS8.9AI score0.0026EPSS
CVE
CVE
added 2018/03/20 5:29 a.m.28 views

CVE-2018-8808

In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file.

5.5CVSS5.4AI score0.00226EPSS
Total number of security vulnerabilities147