Radare2@* Security Vulnerabilities and Issues — Page 2 of Radare2@* CVE List

Lucene search

RadareRadare2*

78 matches found

CVE•added 2022/02/08 9:15 p.m.•72 views

CVE-2022-0520

Use After Free in NPM radare2.js prior to 5.6.2.

8.8CVSS7.6AI score0.00324EPSS

CVE•added 2022/08/19 11:15 p.m.•71 views

CVE-2020-27795

A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when command "adf" has no or wrong argument, anal_fcn_data (core, input + 1) --> RAnalFunction *fcn = r_anal_get_fcn_in (core->anal, core->offset, -1); returns null pointer for fcn causing segmentatio...

7.5CVSS7.5AI score0.0007EPSS

CVE•added 2020/07/20 6:15 p.m.•70 views

CVE-2020-15121

In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current direct...

9.6CVSS8.4AI score0.00593EPSS

CVE•added 2022/08/19 11:15 p.m.•69 views

CVE-2020-27793

An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c. This could allow an attacker to cause a crash, and perform a denail of service attack.

7.5CVSS7.4AI score0.00079EPSS

CVE•added 2021/05/14 1:15 p.m.•68 views

CVE-2021-32613

In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS.

5.5CVSS5.4AI score0.00351EPSS

CVE•added 2024/03/14 10:15 p.m.•65 views

CVE-2024-26475

An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the grub_sfs_read_extent function.

5.5CVSS6.5AI score0.00057EPSS

CVE•added 2025/02/28 4:15 a.m.•60 views

CVE-2025-1744

Out-of-bounds Write vulnerability in radareorg radare2 allows heap-based buffer over-read or buffer overflow.This issue affects radare2: before

10CVSS6.8AI score0.00118EPSS

CVE•added 2018/12/25 7:29 p.m.•56 views

CVE-2018-20456

In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash in libr/util/strbuf.c via a stack-based buffer over-read) by crafting an input file, a related issue to CVE-2018-20455.

5.5CVSS5.3AI score0.0018EPSS

CVE•added 2018/12/25 7:29 p.m.•55 views

CVE-2018-20459

In radare2 through 3.1.3, the armass_assemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service (application crash by out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing ...

5.5CVSS5.6AI score0.00179EPSS

CVE•added 2023/03/23 7:15 p.m.•53 views

CVE-2023-1605

Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6.

7.5CVSS7.5AI score0.00472EPSS

CVE•added 2023/10/28 2:15 a.m.•53 views

CVE-2023-46570

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h.

9.8CVSS9.3AI score0.00139EPSS

CVE•added 2018/12/25 7:29 p.m.•52 views

CVE-2018-20455

In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash via a stack-based buffer overflow) by crafting an input file, a related issue to CVE-2018-20456.

5.5CVSS5.3AI score0.0018EPSS

CVE•added 2024/12/02 3:15 p.m.•52 views

CVE-2024-29645

Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the parse_die function.

7.8CVSS7.9AI score0.00035EPSS

CVE•added 2018/12/25 7:29 p.m.•51 views

CVE-2018-20457

In radare2 through 3.1.3, the assemble function inside libr/asm/p/asm_arm_cs.c allows attackers to cause a denial-of-service (application crash via an r_num_calc out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is...

5.5CVSS5.6AI score0.00179EPSS

CVE•added 2025/03/03 9:15 a.m.•51 views

CVE-2025-1864

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers.This issue affects radare2: before

10CVSS6.7AI score0.00116EPSS

CVE•added 2018/12/25 7:29 p.m.•49 views

CVE-2018-20461

In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c allows attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a binary file.

5.5CVSS5.2AI score0.00178EPSS

CVE•added 2018/12/04 9:29 a.m.•48 views

CVE-2018-19842

getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (stack-based buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2.

5.5CVSS5.4AI score0.00313EPSS

CVE•added 2024/10/30 6:15 p.m.•48 views

CVE-2024-48241

An issue in radare2 v5.8.0 through v5.9.4 allows a local attacker to cause a denial of service via the __bf_div function.

5.5CVSS6.8AI score0.00055EPSS

CVE•added 2022/12/29 6:15 p.m.•47 views

CVE-2022-4843

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2.

7.5CVSS5.8AI score0.00048EPSS

CVE•added 2018/12/25 7:29 p.m.•46 views

CVE-2018-20458

In radare2 prior to 3.1.1, r_bin_dyldcache_extract in libr/bin/format/mach0/dyldcache.c may allow attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting an input file.

5.5CVSS5.2AI score0.00179EPSS

CVE•added 2019/09/23 2:15 p.m.•46 views

CVE-2019-16718

In radare2 before 3.9.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is due to an insufficient fix for CVE-2019-14745 and i...

7.8CVSS7.8AI score0.07084EPSS

CVE•added 2023/10/20 5:15 p.m.•45 views

CVE-2023-5686

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

8.8CVSS6.7AI score0.00049EPSS

CVE•added 2018/09/12 4:29 p.m.•42 views

CVE-2018-15834

In radare2 before 2.9.0, a heap overflow vulnerability exists in the read_module_referenced_functions function in libr/anal/flirt.c via a crafted flirt signature file.

5.5CVSS5.5AI score0.00146EPSS

CVE•added 2018/07/12 8:29 p.m.•40 views

CVE-2018-14015

The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file because of missing input validation in r_bin_dwarf_parse_comp_unit in libr/bin/dwarf.c.

5.5CVSS5.3AI score0.00226EPSS

CVE•added 2018/12/25 7:29 p.m.•40 views

CVE-2018-20460

In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service (application crash caused by stack-based buffer overflow) by crafting an input file.

5.5CVSS5.3AI score0.00191EPSS

CVE•added 2023/08/14 4:15 p.m.•40 views

CVE-2023-4322

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

9.8CVSS8.3AI score0.00163EPSS

CVE•added 2018/12/04 9:29 a.m.•39 views

CVE-2018-19843

opmov in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2.

5.5CVSS5.3AI score0.00165EPSS

CVE•added 2023/11/22 7:15 a.m.•35 views

CVE-2023-47016

radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h.

7.5CVSS7.4AI score0.0018EPSS

Total number of security vulnerabilities78