CVE-2022-1297

Out-of-bounds Read in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash.

CVE-2022-1296

Out-of-bounds read in r_bin_ne_get_relocs function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash.

CVE-2022-0559

Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.

CVE-2023-46569

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h.

CVE-2022-0173

radare2 is vulnerable to Out-of-bounds Read

CVE-2020-27794

A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing a crash.

CVE-2022-0139

Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0.

CVE-2022-1899

Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0.

CVE-2020-15121

In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current direct...

CVE-2023-46570

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h.

CVE-2024-29646

Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the name, type, or group fields.

CVE-2023-4322

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.