VYPR

Radare2

by Radare

Source repositories

CVEs (163)

  • CVE-2018-10187MedApr 17, 2018
    risk 0.36cvss 5.5epss 0.01

    In radare2 2.5.0, there is a heap-based buffer over-read in the dalvik_op function (libr/anal/p/anal_dalvik.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. Note that this issue is different from CVE-2018-8809, which was…

  • CVE-2018-10186MedApr 17, 2018
    risk 0.36cvss 5.5epss 0.01

    In radare2 2.5.0, there is a heap-based buffer over-read in the r_hex_bin2str function (libr/util/hex.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. This issue is different from CVE-2017-15368.

  • CVE-2018-8810MedMar 20, 2018
    risk 0.36cvss 5.5epss 0.01

    In radare2 2.4.0, there is a heap-based buffer over-read in the get_ivar_list_t function of mach0_classes.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted Mach-O file.

  • CVE-2018-8809MedMar 20, 2018
    risk 0.36cvss 5.5epss 0.01

    In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik_op function of anal_dalvik.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file.

  • CVE-2018-8808MedMar 20, 2018
    risk 0.36cvss 5.5epss 0.01

    In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file.

  • CVE-2017-16805MedNov 13, 2017
    risk 0.36cvss 5.5epss 0.01

    In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file, related to r_bin_dwarf_parse_comp_unit in dwarf.c and sdb_set_internal in shlr/sdb/src/sdb.c.

  • CVE-2017-16359MedNov 1, 2017
    risk 0.36cvss 5.5epss 0.01

    In radare 2.0.1, a pointer wraparound vulnerability exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c.

  • CVE-2017-9762MedJun 19, 2017
    risk 0.36cvss 5.5epss 0.01

    The cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted binary file.

  • CVE-2017-9761MedJun 19, 2017
    risk 0.36cvss 5.5epss 0.01

    The find_eoq function in libr/core/cmd.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.

  • CVE-2017-9520MedJun 8, 2017
    risk 0.36cvss 5.5epss 0.01

    The r_config_set function in libr/config/config.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted DEX file.

  • CVE-2017-7946MedApr 18, 2017
    risk 0.36cvss 5.5epss 0.01

    The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 1.3.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted Mach0 file.

  • CVE-2017-7854MedApr 13, 2017
    risk 0.36cvss 5.5epss 0.01

    The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.

  • CVE-2017-7716MedApr 12, 2017
    risk 0.36cvss 5.5epss 0.01

    The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.

  • CVE-2017-7274MedMar 27, 2017
    risk 0.36cvss 5.5epss 0.02

    The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PE file.

  • CVE-2017-6415MedMar 2, 2017
    risk 0.36cvss 5.5epss 0.01

    The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DEX file.

  • CVE-2017-6387MedMar 2, 2017
    risk 0.36cvss 5.5epss 0.01

    The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DEX file.

  • CVE-2017-6197MedFeb 24, 2017
    risk 0.36cvss 5.5epss 0.02

    The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by the r_read_le32 function.

  • CVE-2018-15834MedSep 12, 2018
    risk 0.29cvss 5.5epss 0.01

    In radare2 before 2.9.0, a heap overflow vulnerability exists in the read_module_referenced_functions function in libr/anal/flirt.c via a crafted flirt signature file.

  • CVE-2018-14017MedJul 12, 2018
    risk 0.29cvss 5.5epss 0.01

    The r_bin_java_annotation_new function in shlr/java/class.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted .class file because of missing input validation in…

  • CVE-2018-14016MedJul 12, 2018
    risk 0.29cvss 5.5epss 0.01

    The r_bin_mdmp_init_directory_entry function in mdmp.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Mini Crash Dump file.

Page 2 of 9