rpm package
opensuse/radare2&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/radare2&distro=openSUSE%20Tumbleweed
Vulnerabilities (50)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-1296 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Apr 11, 2022 | Out-of-bounds read in `r_bin_ne_get_relocs` function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash. | ||
| CVE-2022-1284 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Apr 8, 2022 | heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service. | ||
| CVE-2022-1283 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Apr 8, 2022 | NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service (application crash). | ||
| CVE-2022-1240 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Apr 6, 2022 | Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the `r_str_ncpy` function. Therefore I think it is very likely to be exploitable. F | ||
| CVE-2022-1237 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Apr 6, 2022 | Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html). | ||
| CVE-2022-1238 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Apr 6, 2022 | Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html). | ||
| CVE-2022-1244 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Apr 5, 2022 | heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service. | ||
| CVE-2022-1207 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Apr 1, 2022 | Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to read sensitive information from outside the allocated buffer boundary. | ||
| CVE-2022-1052 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Mar 24, 2022 | Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5.6.6. | ||
| CVE-2022-1061 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Mar 24, 2022 | Heap Buffer Overflow in parseDragons in GitHub repository radareorg/radare2 prior to 5.6.8. | ||
| CVE-2022-1031 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Mar 22, 2022 | Use After Free in op_is_set_bp in GitHub repository radareorg/radare2 prior to 5.6.6. | ||
| CVE-2022-0849 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Mar 5, 2022 | Use After Free in r_reg_get_name_idx in GitHub repository radareorg/radare2 prior to 5.6.6. | ||
| CVE-2022-0695 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Feb 24, 2022 | Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4. | ||
| CVE-2022-0476 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Feb 23, 2022 | Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4. | ||
| CVE-2022-0713 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Feb 22, 2022 | Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4. | ||
| CVE-2022-0712 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Feb 22, 2022 | NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.4. | ||
| CVE-2022-0676 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Feb 22, 2022 | Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4. | ||
| CVE-2022-0559 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Feb 16, 2022 | Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. | ||
| CVE-2022-0522 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Feb 8, 2022 | Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2. | ||
| CVE-2022-0521 | — | < 5.7.0-1.1 | 5.7.0-1.1 | Feb 8, 2022 | Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2. |
- CVE-2022-1296Apr 11, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
Out-of-bounds read in `r_bin_ne_get_relocs` function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash.
- CVE-2022-1284Apr 8, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.
- CVE-2022-1283Apr 8, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service (application crash).
- CVE-2022-1240Apr 6, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the `r_str_ncpy` function. Therefore I think it is very likely to be exploitable. F
- CVE-2022-1237Apr 6, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html).
- CVE-2022-1238Apr 6, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html).
- CVE-2022-1244Apr 5, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.
- CVE-2022-1207Apr 1, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to read sensitive information from outside the allocated buffer boundary.
- CVE-2022-1052Mar 24, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5.6.6.
- CVE-2022-1061Mar 24, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
Heap Buffer Overflow in parseDragons in GitHub repository radareorg/radare2 prior to 5.6.8.
- CVE-2022-1031Mar 22, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
Use After Free in op_is_set_bp in GitHub repository radareorg/radare2 prior to 5.6.6.
- CVE-2022-0849Mar 5, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
Use After Free in r_reg_get_name_idx in GitHub repository radareorg/radare2 prior to 5.6.6.
- CVE-2022-0695Feb 24, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4.
- CVE-2022-0476Feb 23, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4.
- CVE-2022-0713Feb 22, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4.
- CVE-2022-0712Feb 22, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.4.
- CVE-2022-0676Feb 22, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4.
- CVE-2022-0559Feb 16, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.
- CVE-2022-0522Feb 8, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2.
- CVE-2022-0521Feb 8, 2022affected < 5.7.0-1.1fixed 5.7.0-1.1
Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2.
Page 2 of 3