Filtered by vendor Radare
Subscriptions
Filtered by product Radare2
Subscriptions
Total
135 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-9763 | 1 Radare | 1 Radare2 | 2025-04-20 | N/A |
| The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows remote attackers to cause a denial of service (excessive stack use and application crash) via a crafted binary file, related to use of a variable-size stack array. | ||||
| CVE-2017-9949 | 1 Radare | 1 Radare2 | 2025-04-20 | N/A |
| The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer underflow in fs/ext2.c in GNU GRUB 2.02. | ||||
| CVE-2017-6197 | 1 Radare | 1 Radare2 | 2025-04-20 | N/A |
| The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by the r_read_le32 function. | ||||
| CVE-2017-15932 | 1 Radare | 1 Radare2 | 2025-04-20 | N/A |
| In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c via crafted ELF files when parsing the ELF version on 32bit systems. | ||||
| CVE-2022-4398 | 1 Radare | 1 Radare2 | 2025-04-14 | 7.8 High |
| Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0. | ||||
| CVE-2022-4843 | 1 Radare | 1 Radare2 | 2025-04-09 | 7.5 High |
| NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2. | ||||
| CVE-2023-0302 | 1 Radare | 1 Radare2 | 2025-04-07 | 7.8 High |
| Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2. | ||||
| CVE-2024-26475 | 1 Radare | 1 Radare2 | 2025-03-27 | 5.5 Medium |
| An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the grub_sfs_read_extent function. | ||||
| CVE-2018-14015 | 1 Radare | 1 Radare2 | 2025-03-18 | 5.5 Medium |
| The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file because of missing input validation in r_bin_dwarf_parse_comp_unit in libr/bin/dwarf.c. | ||||
| CVE-2024-29645 | 1 Radare | 1 Radare2 | 2025-03-13 | 7.8 High |
| Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the parse_die function. | ||||
| CVE-2023-27114 | 1 Radare | 1 Radare2 | 2025-02-28 | 5.5 Medium |
| radare2 v5.8.3 was discovered to contain a segmentation fault via the component wasm_dis at p/wasm/wasm.c. | ||||
| CVE-2023-1605 | 1 Radare | 1 Radare2 | 2025-02-25 | 7.5 High |
| Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6. | ||||
| CVE-2023-5686 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2025-02-13 | 8.8 High |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. | ||||
| CVE-2023-4322 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2025-02-13 | 9.8 Critical |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. | ||||
| CVE-2023-47016 | 1 Radare | 1 Radare2 | 2024-11-21 | 7.5 High |
| radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h. | ||||
| CVE-2023-46570 | 1 Radare | 1 Radare2 | 2024-11-21 | 9.8 Critical |
| An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h. | ||||
| CVE-2023-46569 | 1 Radare | 1 Radare2 | 2024-11-21 | 9.8 Critical |
| An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h. | ||||
| CVE-2022-34520 | 1 Radare | 1 Radare2 | 2024-11-21 | 5.5 Medium |
| Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service (DOS) via a crafted binary file. | ||||
| CVE-2022-34502 | 1 Radare | 1 Radare2 | 2024-11-21 | 5.5 Medium |
| Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary file. | ||||
| CVE-2022-28073 | 1 Radare | 1 Radare2 | 2024-11-21 | 7.5 High |
| A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4.0. | ||||