Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
radare radare2 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-1240
Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 before 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the `r_str_ncpy` function. Therefore I think it is very likely to be exploitable. For...
Radare Radare2
5.5
CVSSv3
CVE-2022-1382
NULL Pointer Dereference in GitHub repository radareorg/radare2 before 5.6.8. This vulnerability is capable of making the radare2 crash, thus affecting the availability of the system.
Radare Radare2
6.1
CVSSv3
CVE-2022-1383
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 before 5.6.8. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow malicious users to read sensitive information from other memory locations or cause a crash.
Radare Radare2
5.5
CVSSv3
CVE-2022-1444
heap-use-after-free in GitHub repository radareorg/radare2 before 5.7.0. This vulnerability is capable of inducing denial of service.
Radare Radare2
9.1
CVSSv3
CVE-2022-1899
Out-of-bounds Read in GitHub repository radareorg/radare2 before 5.7.0.
Radare Radare2
7.5
CVSSv3
CVE-2020-27793
An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c. This could allow an malicious user to cause a crash, and perform a denail of service attack.
Radare Radare2
9.1
CVSSv3
CVE-2020-27794
A double free issue exists in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing a crash.
Radare Radare2
7.5
CVSSv3
CVE-2020-27795
A segmentation fault exists in radare2 with adf command. In libr/core/cmd_anal.c, when command "adf" has no or wrong argument, anal_fcn_data (core, input + 1) --> RAnalFunction *fcn = r_anal_get_fcn_in (core->anal, core->offset, -1); returns null pointer for fc...
Radare Radare2
5.5
CVSSv3
CVE-2018-19842
getToken in libr/asm/p/asm_x86_nz.c in radare2 prior to 3.1.0 allows malicious users to cause a denial of service (stack-based buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2.
Radare Radare2
7.1
CVSSv3
CVE-2022-1714
Out-of-bounds Read in GitHub repository radareorg/radare2 before 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow malicious users to read sensitive information from other memory locations or cause a crash.
Radare Radare2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5274
CVE-2024-35388
CVE-2024-35396
elevation of privilege
CVE-2021-47544
file upload
CVE-2021-47545
memory leak
CVE-2024-4956
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »