VYPR

Rizin

by Rizin

CVEs (23)

  • CVE-2024-53256 | High | Dec 23, 2024
    risk 0.44 | cvss 7.8 | epss 0.01

    Rizin is a UNIX-like reverse engineering framework and command-line toolset. `rizin.c` still had an old snippet of code which suffered a command injection due to the usage of `rz_core_cmdf` to invoke the command `m` which was removed in v0.1.x. A malicious binary defining `bclass`…

  • CVE-2026-31053 | Medium | Apr 6, 2026
    risk 0.33 | cvss 6.2 | epss 0.00

    A double free vulnerability exists in librz/bin/format/le/le.c in the function le_load_fixup_record(). When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially crafted LE binary can trigger heap…

  • CVE-2026-45613 | Low | May 29, 2026
    risk 0.14 | cvss 3.3 | epss 0.00

    Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a heap-buffer-overflow in librz/bin/format/omf/omf.c. This vulnerability is fixed by commit e6d0937c8a083e23ed76ccfb9f631cdc50c7af47.

  • CVE-2026-45324 | Low | May 29, 2026
    risk 0.14 | cvss 3.3 | epss 0.00

    Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cmd_search.c:byte_pattern_search() due to wrong pointer ownership being declared. This vulnerability is fixed by commit 045fff363b42b8a6dda8ad5229c29ec3267e7dbe.

  • CVE-2026-22780 | Feb 2, 2026
    risk 0.00 | cvss | epss 0.00

    Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2.

  • CVE-2025-1788 | Mar 1, 2025
    risk 0.00 | cvss | epss 0.00

    A vulnerability, which was classified as critical, was found in rizinorg rizin up to 0.8.0. This affects the function rz_utf8_encode in the library /librz/util/utf8.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has…

  • CVE-2025-1786 | Mar 1, 2025
    risk 0.00 | cvss | epss 0.00

    A vulnerability was found in rizinorg rizin up to 0.7.4. It has been rated as critical. This issue affects the function msf_stream_directory_free in the library /librz/bin/pdb/pdb.c. The manipulation of the argument -P leads to buffer overflow. Local access is required to…

  • CVE-2024-31668 | Dec 17, 2024
    risk 0.00 | cvss | epss 0.01

    rizin before v0.6.3 is vulnerable to Improper Neutralization of Special Elements via meta_set function in librz/analysis/meta.

  • CVE-2024-31670 | Dec 12, 2024
    risk 0.00 | cvss | epss 0.00

    rizin before v0.6.3 is vulnerable to Buffer Overflow via create_cache_bins, read_cache_accel, and rz_dyldcache_new_buf functions in librz/bin/format/mach0/dyldcache.c.

  • CVE-2024-31669 | Dec 2, 2024
    risk 0.00 | cvss | epss 0.00

    rizin before Release v0.6.3 is vulnerable to Uncontrolled Resource Consumption via bin_pe_parse_imports, Pe_r_bin_pe_parse_var, and estimate_slide.

  • CVE-2023-40022 | Aug 24, 2023
    risk 0.00 | cvss | epss 0.00

    Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.6.0 and prior are vulnerable to integer overflow in `consume_count` of `src/gnu_v2/cplus-dem.c`. The overflow check is valid logic but is missing the modulus if the block once compiled. The…

  • CVE-2023-30226 | Jul 12, 2023
    risk 0.00 | cvss | epss 0.00

    An issue was discovered in function get_gnu_verneed in rizinorg Rizin prior to 0.5.0 verneed_entry allows attackers to cause a denial of service via a crafted ELF file.

  • CVE-2021-3674 | Mar 24, 2023
    risk 0.00 | cvss | epss 0.00

    A flaw was found in rizin. The create_section_from_phdr function allocates space for ELF section data by processing the headers. Crafted values in the headers can cause out of bounds reads, which can lead to memory corruption and possibly code execution through the binary…

  • CVE-2023-27590 | Mar 14, 2023
    risk 0.00 | cvss | epss 0.00

    Rizin is a UNIX-like reverse engineering framework and command-line toolset. In version 0.5.1 and prior, converting a GDB registers profile file into a Rizin register profile can result in a stack-based buffer overflow when the `name`, `type`, or `groups` fields have longer…

  • CVE-2022-36039 | Sep 6, 2022
    risk 0.00 | cvss | epss 0.00

    Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to out-of-bounds write when parsing DEX files. A user opening a malicious DEX file could be affected by this vulnerability, allowing an attacker to execute code…

  • CVE-2022-36043 | Sep 6, 2022
    risk 0.00 | cvss | epss 0.00

    Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to a double free in bobj.c:rz_bin_reloc_storage_free() when freeing relocations generated from qnx binary plugin. A user opening a malicious qnx binary could be…

  • CVE-2022-36041 | Sep 6, 2022
    risk 0.00 | cvss | epss 0.00

    Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when parsing Mach-O files. A user opening a malicious Mach-O file could be affected by this vulnerability, allowing an attacker to…

  • CVE-2022-36044 | Sep 6, 2022
    risk 0.00 | cvss | epss 0.00

    Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from Luac files. A user opening a malicious Luac file could be affected by this vulnerability, allowing an attacker to…

  • CVE-2022-36042 | Sep 6, 2022
    risk 0.00 | cvss | epss 0.00

    Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from dyld cache files. A user opening a malicious dyld cache file could be affected by this vulnerability, allowing an…

  • CVE-2022-36040 | Sep 6, 2022
    risk 0.00 | cvss | epss 0.00

    Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from PYC (Python) files. A user opening a malicious PYC file could be affected by this vulnerability, allowing an…

Page 1 of 2