Total
133 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-7946 | 1 Radare | 1 Radare2 | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 1.3.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted Mach0 file. | |||||
| CVE-2017-16805 | 1 Radare | 1 Radare2 | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file, related to r_bin_dwarf_parse_comp_unit in dwarf.c and sdb_set_internal in shlr/sdb/src/sdb.c. | |||||
| CVE-2017-7716 | 1 Radare | 1 Radare2 | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file. | |||||
| CVE-2017-9761 | 1 Radare | 1 Radare2 | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The find_eoq function in libr/core/cmd.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | |||||
| CVE-2024-26475 | 1 Radare | 1 Radare2 | 2025-03-27 | N/A | 5.5 MEDIUM |
| An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the grub_sfs_read_extent function. | |||||
| CVE-2018-14015 | 1 Radare | 1 Radare2 | 2025-03-18 | 4.3 MEDIUM | 5.5 MEDIUM |
| The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file because of missing input validation in r_bin_dwarf_parse_comp_unit in libr/bin/dwarf.c. | |||||
| CVE-2023-27114 | 1 Radare | 1 Radare2 | 2025-02-28 | N/A | 5.5 MEDIUM |
| radare2 v5.8.3 was discovered to contain a segmentation fault via the component wasm_dis at p/wasm/wasm.c. | |||||
| CVE-2023-5686 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2024-11-21 | N/A | 8.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. | |||||
| CVE-2023-4322 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2024-11-21 | N/A | 9.8 CRITICAL |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. | |||||
| CVE-2023-47016 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 7.5 HIGH |
| radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h. | |||||
| CVE-2023-46570 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 9.8 CRITICAL |
| An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h. | |||||
| CVE-2023-46569 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 9.8 CRITICAL |
| An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h. | |||||
| CVE-2023-1605 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 7.5 HIGH |
| Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6. | |||||
| CVE-2023-0302 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 7.8 HIGH |
| Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2. | |||||
| CVE-2022-4843 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 7.5 HIGH |
| NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2. | |||||
| CVE-2022-4398 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 7.8 HIGH |
| Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0. | |||||
| CVE-2022-34520 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 5.5 MEDIUM |
| Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service (DOS) via a crafted binary file. | |||||
| CVE-2022-34502 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 5.5 MEDIUM |
| Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary file. | |||||
| CVE-2022-28073 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 7.5 HIGH |
| A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4.0. | |||||
| CVE-2022-28072 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 7.5 HIGH |
| A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0. | |||||