VYPR

Radare2

by Radare

Source repositories

CVEs (163)

  • CVE-2018-14015MedJul 12, 2018
    risk 0.29cvss 5.5epss 0.01

    The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file because of missing input validation in r_bin_dwarf_parse_comp_unit in libr/bin/dwarf.c.

  • CVE-2026-4174LowMar 16, 2026
    risk 0.14cvss 3.3epss 0.00

    A vulnerability has been found in Radare2 5.9.9. This issue affects the function walk_exports_trie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local…

  • CVE-2025-63745Nov 14, 2025
    risk 0.00cvss epss 0.00

    A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info() function of bin_ne.c. A crafted binary input can trigger a segmentation fault, leading to a denial of service when the tool processes malformed data.

  • CVE-2025-63744Nov 14, 2025
    risk 0.00cvss epss 0.00

    A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the load() function of bin_dyldcache.c. Processing a crafted file can cause a segmentation fault and crash the program.

  • CVE-2025-60360Oct 17, 2025
    risk 0.00cvss epss 0.00

    radare2 v5.9.8 and before contains a memory leak in the function r2r_subprocess_init.

  • CVE-2025-60361Oct 17, 2025
    risk 0.00cvss epss 0.00

    radare2 v5.9.8 and before contains a memory leak in the function bochs_open.

  • CVE-2025-60359Oct 17, 2025
    risk 0.00cvss epss 0.00

    radare2 v5.9.8 and before contains a memory leak in the function r_bin_object_new.

  • CVE-2025-60358Oct 16, 2025
    risk 0.00cvss epss 0.00

    radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations.

  • CVE-2025-5648Jun 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached…

  • CVE-2025-5647Jun 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in Radare2 5.9.9 and classified as problematic. This issue affects the function r_cons_context_break_pop in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. The attack needs to be…

  • CVE-2025-5646Jun 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability has been found in Radare2 5.9.9 and classified as problematic. This vulnerability affects the function r_cons_rainbow_free in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. It is possible to…

  • CVE-2025-5645Jun 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. Attacking locally is a…

  • CVE-2025-5644Jun 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, has been found in Radare2 5.9.9. Affected by this issue is the function r_cons_flush in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to use after free. Local access is…

  • CVE-2025-5643Jun 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as problematic was found in Radare2 5.9.9. Affected by this vulnerability is the function cons_stack_load in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be…

  • CVE-2025-5642Jun 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as problematic has been found in Radare2 5.9.9. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation leads to memory corruption. The attack needs to be approached locally. The complexity of…

  • CVE-2025-5641Jun 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in Radare2 5.9.9. It has been rated as problematic. This issue affects the function r_cons_is_breaked in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. It is possible to launch the…

  • CVE-2025-1864Mar 3, 2025
    risk 0.00cvss epss 0.00

    Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers.This issue affects radare2: before <5.9.9.

  • CVE-2025-1744Feb 28, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds Write vulnerability in radareorg radare2 allows heap-based buffer over-read or buffer overflow.This issue affects radare2: before <5.9.9.

  • CVE-2025-1378Feb 17, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, was found in radare2 5.9.9 33286. Affected is an unknown function in the library /libr/main/rasm2.c of the component rasm2. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has…

  • CVE-2024-29646Dec 17, 2024
    risk 0.00cvss epss 0.01

    Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the name, type, or group fields.

Page 3 of 9