Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
radare radare2 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2022-34520
Radare2 v5.7.2 exists to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This vulnerability allows malicious users to cause a Denial of Service (DOS) via a crafted binary file.
Radare Radare2 5.7.2
7.8
CVSSv3
CVE-2017-16357
In radare 2.0.1, a memory corruption vulnerability exists in store_versioninfo_gnu_verdef() and store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c, as demonstrated by an invalid free. This error is due to improper sh_size validation when allocating memory.
Radare Radare2 2.0.1
7.8
CVSSv3
CVE-2017-16358
In radare 2.0.1, an out-of-bounds read vulnerability exists in string_scan_range() in libr/bin/bin.c when doing a string search.
Radare Radare2 2.0.1
5.5
CVSSv3
CVE-2017-16359
In radare 2.0.1, a pointer wraparound vulnerability exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c.
Radare Radare2 2.0.1
7.8
CVSSv3
CVE-2017-10929
The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a read overfl...
Radare Radare2 1.5.0
5.5
CVSSv3
CVE-2021-44975
radareorg radare2 5.5.2 is vulnerable to Buffer Overflow via /libr/core/anal_objc.c mach-o parser.
Radare Radare2 5.5.2
1 Github repository
5.5
CVSSv3
CVE-2018-10186
In radare2 2.5.0, there is a heap-based buffer over-read in the r_hex_bin2str function (libr/util/hex.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. This issue is different from CVE-2017-15368.
Radare Radare2 2.5.0
5.5
CVSSv3
CVE-2018-10187
In radare2 2.5.0, there is a heap-based buffer over-read in the dalvik_op function (libr/anal/p/anal_dalvik.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. Note that this issue is different from CVE-2018-8809, which was ...
Radare Radare2 2.5.0
7.8
CVSSv3
CVE-2017-9949
The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote malicious users to cause a denial of service (stack-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer un...
Radare Radare2 1.5.0
5.5
CVSSv3
CVE-2017-9762
The cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows remote malicious users to cause a denial of service (use-after-free and application crash) via a crafted binary file.
Radare Radare2 1.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »