Radare2
by Radare
Source repositories
CVEs (26)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-7854 | Med | 0.36 | 5.5 | 0.00 | Apr 13, 2017 | The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file. | |
| CVE-2017-7716 | Med | 0.36 | 5.5 | 0.00 | Apr 12, 2017 | The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file. | |
| CVE-2017-7274 | Med | 0.36 | 5.5 | 0.00 | Mar 27, 2017 | The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PE file. | |
| CVE-2017-6415 | Med | 0.36 | 5.5 | 0.00 | Mar 2, 2017 | The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DEX file. | |
| CVE-2017-6387 | Med | 0.36 | 5.5 | 0.00 | Mar 2, 2017 | The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DEX file. | |
| CVE-2017-6197 | Med | 0.36 | 5.5 | 0.00 | Feb 24, 2017 | The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by the r_read_le32 function. |
Page 2 of 2