Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
radare2 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-28072
A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0.
Radare Radare2 5.4.2
Radare Radare2 5.4.0
7.5
CVSSv3
CVE-2022-28073
A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4.0.
Radare Radare2 5.4.2
Radare Radare2 5.4.0
7.5
CVSSv3
CVE-2022-28071
A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0.
Radare Radare2 5.4.2
Radare Radare2 5.4.0
7.5
CVSSv3
CVE-2022-28068
A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0.
Radare Radare2 5.4.2
Radare Radare2 5.4.0
7.5
CVSSv3
CVE-2022-28069
A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.
Radare Radare2 5.4.2
Radare Radare2 5.4.0
7.5
CVSSv3
CVE-2022-28070
A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0.
Radare Radare2 5.4.2
Radare Radare2 5.4.0
7.8
CVSSv3
CVE-2019-12790
In radare2 up to and including 3.5.1, there is a heap-based buffer over-read in the r_egg_lang_parsechar function of egg_lang.c. This allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact because of missing length...
Radare Radare2
5.5
CVSSv3
CVE-2021-44974
radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser.
Radare Radare2
1 Github repository
7.5
CVSSv3
CVE-2021-4021
A vulnerability was found in Radare2 in versions before 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an ELF64 binary for MIPS architecture can lead to uncontrolled resource consumption and DoS.
Radare Radare2
7.8
CVSSv3
CVE-2019-19590
In radare2 up to and including 4.0, there is an integer overflow for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c. This integer overflow will result in a Use-After-Free for the buffer tokens, which can be filled with arbitrary malicious data after...
Radare Radare2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »