Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
radare radare2 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-15932
In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c via crafted ELF files when parsing the ELF version on 32bit systems.
Radare Radare2 2.0.1
5.5
CVSSv3
CVE-2017-6387
The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a crafted DEX file.
Radare Radare2 1.2.1
5.5
CVSSv3
CVE-2017-7716
The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.
Radare Radare2 1.3.0
5.5
CVSSv3
CVE-2017-7854
The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.
Radare Radare2 1.3.0
5.5
CVSSv3
CVE-2018-14015
The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote malicious users to cause a denial of service (invalid read and application crash) via a crafted ELF file because of missing input validation in r_bin_dwarf_parse_comp_unit in libr/bin/dwarf.c.
Radare Radare2 2.7.0
5.5
CVSSv3
CVE-2018-14017
The r_bin_java_annotation_new function in shlr/java/class.c in radare2 2.7.0 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted .class file because of missing input validation in r_bin_java_line_number_tabl...
Radare Radare2 2.7.0
5.5
CVSSv3
CVE-2017-7946
The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 1.3.0 allows remote malicious users to cause a denial of service (use-after-free and application crash) via a crafted Mach0 file.
Radare Radare2 1.3.0
5.5
CVSSv3
CVE-2022-34502
Radare2 v5.7.0 exists to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted binary file.
Radare Radare2 5.7.0
5.5
CVSSv3
CVE-2022-34520
Radare2 v5.7.2 exists to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This vulnerability allows malicious users to cause a Denial of Service (DOS) via a crafted binary file.
Radare Radare2 5.7.2
7.8
CVSSv3
CVE-2017-6194
The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file.
Radare Radare2 1.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »