Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
radare radare2 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2022-1649
Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 before 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/476.html).
Radare Radare2
7.8
CVSSv3
CVE-2023-0302
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 before 5.8.2.
Radare Radare2
7.5
CVSSv3
CVE-2023-1605
Denial of Service in GitHub repository radareorg/radare2 before 5.8.6.
Radare Radare2
5.5
CVSSv3
CVE-2021-44974
radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser.
Radare Radare2
1 Github repository
7.5
CVSSv3
CVE-2023-47016
radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h.
Radare Radare2
5.5
CVSSv3
CVE-2018-19843
opmov in libr/asm/p/asm_x86_nz.c in radare2 prior to 3.1.0 allows malicious users to cause a denial of service (buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2.
Radare Radare2
9.8
CVSSv3
CVE-2022-0139
Use After Free in GitHub repository radareorg/radare2 before 5.6.0.
Radare Radare2
7.8
CVSSv3
CVE-2017-16357
In radare 2.0.1, a memory corruption vulnerability exists in store_versioninfo_gnu_verdef() and store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c, as demonstrated by an invalid free. This error is due to improper sh_size validation when allocating memory.
Radare Radare2 2.0.1
5.5
CVSSv3
CVE-2017-16805
In radare2 2.0.1, libr/bin/dwarf.c allows remote malicious users to cause a denial of service (invalid read and application crash) via a crafted ELF file, related to r_bin_dwarf_parse_comp_unit in dwarf.c and sdb_set_internal in shlr/sdb/src/sdb.c.
Radare Radare2 2.0.1
7.5
CVSSv3
CVE-2021-32494
Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function. This allow malicious users to create malicious inputs that can cause denial of service.
Radare Radare2 5.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »