Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Radare Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 53 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-34502 1 Radare 1 Radare2 2023-08-08 N/A 5.5 MEDIUM
Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary file.
CVE-2022-34520 1 Radare 1 Radare2 2022-07-29 N/A 5.5 MEDIUM
Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service (DOS) via a crafted binary file.
CVE-2021-44975 1 Radare 1 Radare2 2022-07-12 4.3 MEDIUM 5.5 MEDIUM
radareorg radare2 5.5.2 is vulnerable to Buffer Overflow via /libr/core/anal_objc.c mach-o parser.
CVE-2021-44974 1 Radare 1 Radare2 2022-06-03 4.3 MEDIUM 5.5 MEDIUM
radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser.
CVE-2022-0419 2 Fedoraproject, Radare 2 Fedora, Radare2 2022-05-25 4.3 MEDIUM 5.5 MEDIUM
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.0.
CVE-2022-1649 1 Radare 1 Radare2 2022-05-16 4.3 MEDIUM 5.5 MEDIUM
Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/476.html).
CVE-2022-1444 1 Radare 1 Radare2 2022-05-04 4.3 MEDIUM 5.5 MEDIUM
heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.7.0. This vulnerability is capable of inducing denial of service.
CVE-2022-1383 1 Radare 1 Radare2 2022-04-26 5.8 MEDIUM 6.1 MEDIUM
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.8. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.
CVE-2022-1382 1 Radare 1 Radare2 2022-04-26 7.1 HIGH 5.5 MEDIUM
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of making the radare2 crash, thus affecting the availability of the system.
CVE-2021-32613 2 Fedoraproject, Radare 2 Fedora, Radare2 2022-04-25 4.3 MEDIUM 5.5 MEDIUM
In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS.
CVE-2022-0173 1 Radare 1 Radare2 2022-02-24 4.3 MEDIUM 5.5 MEDIUM
radare2 is vulnerable to Out-of-bounds Read
CVE-2020-16269 2 Fedoraproject, Radare 2 Fedora, Radare2 2021-07-21 4.3 MEDIUM 5.5 MEDIUM
radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parse_typedef in type_dwarf.c via a malformed DW_AT_name in the .debug_info section.
CVE-2018-20458 1 Radare 1 Radare2 2020-10-15 4.3 MEDIUM 5.5 MEDIUM
In radare2 prior to 3.1.1, r_bin_dyldcache_extract in libr/bin/format/mach0/dyldcache.c may allow attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting an input file.
CVE-2018-20457 1 Radare 1 Radare2 2020-10-15 4.3 MEDIUM 5.5 MEDIUM
In radare2 through 3.1.3, the assemble function inside libr/asm/p/asm_arm_cs.c allows attackers to cause a denial-of-service (application crash via an r_num_calc out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20459.
CVE-2018-20459 1 Radare 1 Radare2 2020-10-15 4.3 MEDIUM 5.5 MEDIUM
In radare2 through 3.1.3, the armass_assemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service (application crash by out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20457.
CVE-2017-6415 1 Radare 1 Radare2 2020-10-15 4.3 MEDIUM 5.5 MEDIUM
The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DEX file.
CVE-2018-14017 1 Radare 1 Radare2 2020-10-15 4.3 MEDIUM 5.5 MEDIUM
The r_bin_java_annotation_new function in shlr/java/class.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted .class file because of missing input validation in r_bin_java_line_number_table_attr_new.
CVE-2018-14016 1 Radare 1 Radare2 2020-10-15 4.3 MEDIUM 5.5 MEDIUM
The r_bin_mdmp_init_directory_entry function in mdmp.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Mini Crash Dump file.
CVE-2018-14015 1 Radare 1 Radare2 2020-10-15 4.3 MEDIUM 5.5 MEDIUM
The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file because of missing input validation in r_bin_dwarf_parse_comp_unit in libr/bin/dwarf.c.
CVE-2018-20455 1 Radare 1 Radare2 2020-08-24 4.3 MEDIUM 5.5 MEDIUM
In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash via a stack-based buffer overflow) by crafting an input file, a related issue to CVE-2018-20456.
CVE-2018-11383 1 Radare 1 Radare2 2020-08-24 4.3 MEDIUM 5.5 MEDIUM
The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c.
CVE-2018-15834 1 Radare 1 Radare2 2020-08-24 4.3 MEDIUM 5.5 MEDIUM
In radare2 before 2.9.0, a heap overflow vulnerability exists in the read_module_referenced_functions function in libr/anal/flirt.c via a crafted flirt signature file.
CVE-2018-20460 1 Radare 1 Radare2 2020-08-24 4.3 MEDIUM 5.5 MEDIUM
In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service (application crash caused by stack-based buffer overflow) by crafting an input file.
CVE-2018-8809 1 Radare 1 Radare2 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik_op function of anal_dalvik.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file.
CVE-2017-7716 1 Radare 1 Radare2 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.
CVE-2018-8810 1 Radare 1 Radare2 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
In radare2 2.4.0, there is a heap-based buffer over-read in the get_ivar_list_t function of mach0_classes.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted Mach-O file.
CVE-2018-10187 1 Radare 1 Radare2 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
In radare2 2.5.0, there is a heap-based buffer over-read in the dalvik_op function (libr/anal/p/anal_dalvik.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. Note that this issue is different from CVE-2018-8809, which was patched earlier.
CVE-2017-7854 1 Radare 1 Radare2 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.
CVE-2018-8808 1 Radare 1 Radare2 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file.
CVE-2018-10186 1 Radare 1 Radare2 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
In radare2 2.5.0, there is a heap-based buffer over-read in the r_hex_bin2str function (libr/util/hex.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. This issue is different from CVE-2017-15368.
CVE-2019-12865 1 Radare 1 Radare2 2019-07-30 4.3 MEDIUM 5.5 MEDIUM
In radare2 through 3.5.1, cmd_mount in libr/core/cmd_mount.c has a double free for the ms command.
CVE-2018-19842 1 Radare 1 Radare2 2018-12-31 4.3 MEDIUM 5.5 MEDIUM
getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (stack-based buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2.
CVE-2018-19843 1 Radare 1 Radare2 2018-12-31 4.3 MEDIUM 5.5 MEDIUM
opmov in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2.
CVE-2018-20456 1 Radare 1 Radare2 2018-12-31 4.3 MEDIUM 5.5 MEDIUM
In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash in libr/util/strbuf.c via a stack-based buffer over-read) by crafting an input file, a related issue to CVE-2018-20455.
CVE-2018-20461 1 Radare 1 Radare2 2018-12-31 4.3 MEDIUM 5.5 MEDIUM
In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c allows attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a binary file.
CVE-2018-12322 1 Radare 1 Radare2 2018-08-02 4.3 MEDIUM 5.5 MEDIUM
There is a heap out of bounds read in radare2 2.6.0 in _6502_op() in libr/anal/p/anal_6502.c via a crafted iNES ROM binary file.
CVE-2018-11376 1 Radare 1 Radare2 2018-06-27 4.3 MEDIUM 5.5 MEDIUM
The r_read_le32() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file.
CVE-2018-11377 1 Radare 1 Radare2 2018-06-27 4.3 MEDIUM 5.5 MEDIUM
The avr_op_analyze() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.
CVE-2018-11375 1 Radare 1 Radare2 2018-06-27 4.3 MEDIUM 5.5 MEDIUM
The _inst__lds() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.
CVE-2018-11380 1 Radare 1 Radare2 2018-06-27 4.3 MEDIUM 5.5 MEDIUM
The parse_import_ptr() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted Mach-O file.
CVE-2018-11379 1 Radare 1 Radare2 2018-06-27 4.3 MEDIUM 5.5 MEDIUM
The get_debug_info() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted PE file.
CVE-2018-11384 1 Radare 1 Radare2 2018-06-27 4.3 MEDIUM 5.5 MEDIUM
The sh_op() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file.
CVE-2018-11381 1 Radare 1 Radare2 2018-06-27 4.3 MEDIUM 5.5 MEDIUM
The string_scan_range() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.
CVE-2018-11382 1 Radare 1 Radare2 2018-06-27 4.3 MEDIUM 5.5 MEDIUM
The _inst__sts() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.
CVE-2017-16805 1 Radare 1 Radare2 2017-11-29 4.3 MEDIUM 5.5 MEDIUM
In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file, related to r_bin_dwarf_parse_comp_unit in dwarf.c and sdb_set_internal in shlr/sdb/src/sdb.c.
CVE-2017-16359 1 Radare 1 Radare2 2017-11-13 4.3 MEDIUM 5.5 MEDIUM
In radare 2.0.1, a pointer wraparound vulnerability exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c.
CVE-2017-9520 1 Radare 1 Radare2 2017-06-27 4.3 MEDIUM 5.5 MEDIUM
The r_config_set function in libr/config/config.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted DEX file.
CVE-2017-9762 1 Radare 1 Radare2 2017-06-27 4.3 MEDIUM 5.5 MEDIUM
The cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted binary file.
CVE-2017-9761 1 Radare 1 Radare2 2017-06-27 4.3 MEDIUM 5.5 MEDIUM
The find_eoq function in libr/core/cmd.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.
CVE-2017-7946 1 Radare 1 Radare2 2017-04-21 4.3 MEDIUM 5.5 MEDIUM
The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 1.3.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted Mach0 file.