Filtered by vendor Radare
Subscriptions
Filtered by product Radare2
Subscriptions
Total
152 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-15932 | 1 Radare | 1 Radare2 | 2025-04-20 | N/A |
| In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c via crafted ELF files when parsing the ELF version on 32bit systems. | ||||
| CVE-2017-16358 | 1 Radare | 1 Radare2 | 2025-04-20 | N/A |
| In radare 2.0.1, an out-of-bounds read vulnerability exists in string_scan_range() in libr/bin/bin.c when doing a string search. | ||||
| CVE-2017-6319 | 1 Radare | 1 Radare2 | 2025-04-20 | N/A |
| The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file. | ||||
| CVE-2017-6197 | 1 Radare | 1 Radare2 | 2025-04-20 | N/A |
| The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by the r_read_le32 function. | ||||
| CVE-2022-4398 | 1 Radare | 1 Radare2 | 2025-04-14 | 7.8 High |
| Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0. | ||||
| CVE-2022-4843 | 1 Radare | 1 Radare2 | 2025-04-09 | 7.5 High |
| NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2. | ||||
| CVE-2023-0302 | 1 Radare | 1 Radare2 | 2025-04-07 | 7.8 High |
| Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2. | ||||
| CVE-2024-26475 | 1 Radare | 1 Radare2 | 2025-03-27 | 5.5 Medium |
| An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the grub_sfs_read_extent function. | ||||
| CVE-2018-14015 | 1 Radare | 1 Radare2 | 2025-03-18 | 5.5 Medium |
| The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file because of missing input validation in r_bin_dwarf_parse_comp_unit in libr/bin/dwarf.c. | ||||
| CVE-2023-27114 | 1 Radare | 1 Radare2 | 2025-02-28 | 5.5 Medium |
| radare2 v5.8.3 was discovered to contain a segmentation fault via the component wasm_dis at p/wasm/wasm.c. | ||||
| CVE-2023-1605 | 1 Radare | 1 Radare2 | 2025-02-25 | 7.5 High |
| Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6. | ||||
| CVE-2023-5686 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2025-02-13 | 8.8 High |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. | ||||
| CVE-2023-47016 | 1 Radare | 1 Radare2 | 2024-11-21 | 7.5 High |
| radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h. | ||||
| CVE-2023-46570 | 1 Radare | 1 Radare2 | 2024-11-21 | 9.8 Critical |
| An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h. | ||||
| CVE-2023-46569 | 1 Radare | 1 Radare2 | 2024-11-21 | 9.8 Critical |
| An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h. | ||||
| CVE-2022-34520 | 1 Radare | 1 Radare2 | 2024-11-21 | 5.5 Medium |
| Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service (DOS) via a crafted binary file. | ||||
| CVE-2022-34502 | 1 Radare | 1 Radare2 | 2024-11-21 | 5.5 Medium |
| Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary file. | ||||
| CVE-2022-28073 | 1 Radare | 1 Radare2 | 2024-11-21 | 7.5 High |
| A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4.0. | ||||
| CVE-2022-28072 | 1 Radare | 1 Radare2 | 2024-11-21 | 7.5 High |
| A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0. | ||||
| CVE-2022-28071 | 1 Radare | 1 Radare2 | 2024-11-21 | 7.5 High |
| A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0. | ||||