Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
radare2 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-12320
There is a use after free in radare2 2.6.0 in r_anal_bb_free() in libr/anal/bb.c via a crafted Java binary file.
Radare Radare2 2.6.0
4.3
CVSSv2
CVE-2018-12322
There is a heap out of bounds read in radare2 2.6.0 in _6502_op() in libr/anal/p/anal_6502.c via a crafted iNES ROM binary file.
Radare Radare2 2.6.0
7.5
CVSSv2
CVE-2020-24133
A heap buffer overflow vulnerability in the r_asm_swf_disass function of Radare2-extras before commit e74a93c allows malicious users to execute arbitrary code or carry out denial of service (DOS) attacks.
Radare Radare2-extras
4.3
CVSSv2
CVE-2018-10186
In radare2 2.5.0, there is a heap-based buffer over-read in the r_hex_bin2str function (libr/util/hex.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. This issue is different from CVE-2017-15368.
Radare Radare2 2.5.0
4.3
CVSSv2
CVE-2018-10187
In radare2 2.5.0, there is a heap-based buffer over-read in the dalvik_op function (libr/anal/p/anal_dalvik.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. Note that this issue is different from CVE-2018-8809, which was ...
Radare Radare2 2.5.0
NA
CVE-2021-32494
Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function. This allow malicious users to create malicious inputs that can cause denial of service.
Radare Radare2 5.3.0
4.3
CVSSv2
CVE-2018-11375
The _inst__lds() function in radare2 2.5.0 allows remote malicious users to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.
Radare Radare2 2.5.0
4.3
CVSSv2
CVE-2018-11379
The get_debug_info() function in radare2 2.5.0 allows remote malicious users to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted PE file.
Radare Radare2 2.5.0
6.8
CVSSv2
CVE-2018-11378
The wasm_dis() function in libr/asm/arch/wasm/wasm.c in or possibly have unspecified other impact via a crafted WASM file.
Radare Radare2 2.5.0
6.8
CVSSv2
CVE-2017-15368
The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 allows remote malicious users to cause a denial of service (stack-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted WASM file that triggers an incorrect r_hex_b...
Radare Radare2 2.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »