Vulnerabilities (CVE)

Filtered by vendor Radare Subscribe
Total 133 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-5686 2 Fedoraproject, Radare 2 Fedora, Radare2 2024-11-21 N/A 8.8 HIGH
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.
CVE-2023-4322 2 Fedoraproject, Radare 2 Fedora, Radare2 2024-11-21 N/A 9.8 CRITICAL
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.
CVE-2023-47016 1 Radare 1 Radare2 2024-11-21 N/A 7.5 HIGH
radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h.
CVE-2023-46570 1 Radare 1 Radare2 2024-11-21 N/A 9.8 CRITICAL
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h.
CVE-2023-46569 1 Radare 1 Radare2 2024-11-21 N/A 9.8 CRITICAL
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h.
CVE-2023-27114 1 Radare 1 Radare2 2024-11-21 N/A 5.5 MEDIUM
radare2 v5.8.3 was discovered to contain a segmentation fault via the component wasm_dis at p/wasm/wasm.c.
CVE-2023-1605 1 Radare 1 Radare2 2024-11-21 N/A 7.5 HIGH
Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6.
CVE-2023-0302 1 Radare 1 Radare2 2024-11-21 N/A 7.8 HIGH
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2.
CVE-2022-4843 1 Radare 1 Radare2 2024-11-21 N/A 7.5 HIGH
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2.
CVE-2022-4398 1 Radare 1 Radare2 2024-11-21 N/A 7.8 HIGH
Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0.
CVE-2022-34520 1 Radare 1 Radare2 2024-11-21 N/A 5.5 MEDIUM
Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service (DOS) via a crafted binary file.
CVE-2022-34502 1 Radare 1 Radare2 2024-11-21 N/A 5.5 MEDIUM
Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary file.
CVE-2022-28073 1 Radare 1 Radare2 2024-11-21 N/A 7.5 HIGH
A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4.0.
CVE-2022-28072 1 Radare 1 Radare2 2024-11-21 N/A 7.5 HIGH
A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0.
CVE-2022-28071 1 Radare 1 Radare2 2024-11-21 N/A 7.5 HIGH
A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0.
CVE-2022-28070 1 Radare 1 Radare2 2024-11-21 N/A 7.5 HIGH
A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0.
CVE-2022-28069 1 Radare 1 Radare2 2024-11-21 N/A 7.5 HIGH
A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.
CVE-2022-28068 1 Radare 1 Radare2 2024-11-21 N/A 7.5 HIGH
A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0.
CVE-2022-1899 1 Radare 1 Radare2 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0.
CVE-2022-1809 1 Radare 1 Radare2 2024-11-21 6.8 MEDIUM 7.8 HIGH
Access of Uninitialized Pointer in GitHub repository radareorg/radare2 prior to 5.7.0.