Radare2
by Radare
Source repositories
CVEs (163)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-1296 | 0.00 | — | 0.01 | Apr 11, 2022 | Out-of-bounds read in `r_bin_ne_get_relocs` function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash. | |||
| CVE-2022-1284 | 0.00 | — | 0.01 | Apr 8, 2022 | heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service. | |||
| CVE-2022-1283 | 0.00 | — | 0.01 | Apr 8, 2022 | NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service (application crash). | |||
| CVE-2022-1240 | 0.00 | — | 0.01 | Apr 6, 2022 | Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the `r_str_ncpy` function. Therefore I think it is very likely to be exploitable.… | |||
| CVE-2022-1237 | 0.00 | — | 0.01 | Apr 6, 2022 | Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html). | |||
| CVE-2022-1238 | 0.00 | — | 0.01 | Apr 6, 2022 | Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html). | |||
| CVE-2022-1244 | 0.00 | — | 0.01 | Apr 5, 2022 | heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service. | |||
| CVE-2022-1207 | 0.00 | — | 0.01 | Apr 1, 2022 | Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to read sensitive information from outside the allocated buffer boundary. | |||
| CVE-2022-1052 | 0.00 | — | 0.00 | Mar 24, 2022 | Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5.6.6. | |||
| CVE-2022-1061 | 0.00 | — | 0.01 | Mar 24, 2022 | Heap Buffer Overflow in parseDragons in GitHub repository radareorg/radare2 prior to 5.6.8. | |||
| CVE-2022-1031 | 0.00 | — | 0.01 | Mar 22, 2022 | Use After Free in op_is_set_bp in GitHub repository radareorg/radare2 prior to 5.6.6. | |||
| CVE-2022-0849 | 0.00 | — | 0.01 | Mar 5, 2022 | Use After Free in r_reg_get_name_idx in GitHub repository radareorg/radare2 prior to 5.6.6. | |||
| CVE-2021-4021 | 0.00 | — | 0.01 | Feb 24, 2022 | A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an ELF64 binary for MIPS architecture can lead to uncontrolled resource consumption and DoS. | |||
| CVE-2022-0695 | 0.00 | — | 0.01 | Feb 24, 2022 | Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4. | |||
| CVE-2022-0476 | 0.00 | — | 0.01 | Feb 23, 2022 | Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4. | |||
| CVE-2022-0713 | 0.00 | — | 0.01 | Feb 22, 2022 | Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4. | |||
| CVE-2022-0712 | 0.00 | — | 0.01 | Feb 22, 2022 | NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.4. | |||
| CVE-2022-0676 | 0.00 | — | 0.01 | Feb 22, 2022 | Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4. | |||
| CVE-2022-0559 | 0.00 | — | 0.01 | Feb 16, 2022 | Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. | |||
| CVE-2022-0522 | 0.00 | — | 0.01 | Feb 8, 2022 | Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2. |
- CVE-2022-1296Apr 11, 2022risk 0.00cvss —epss 0.01
Out-of-bounds read in `r_bin_ne_get_relocs` function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash.
- CVE-2022-1284Apr 8, 2022risk 0.00cvss —epss 0.01
heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.
- CVE-2022-1283Apr 8, 2022risk 0.00cvss —epss 0.01
NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service (application crash).
- CVE-2022-1240Apr 6, 2022risk 0.00cvss —epss 0.01
Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the `r_str_ncpy` function. Therefore I think it is very likely to be exploitable.…
- CVE-2022-1237Apr 6, 2022risk 0.00cvss —epss 0.01
Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html).
- CVE-2022-1238Apr 6, 2022risk 0.00cvss —epss 0.01
Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html).
- CVE-2022-1244Apr 5, 2022risk 0.00cvss —epss 0.01
heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.
- CVE-2022-1207Apr 1, 2022risk 0.00cvss —epss 0.01
Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to read sensitive information from outside the allocated buffer boundary.
- CVE-2022-1052Mar 24, 2022risk 0.00cvss —epss 0.00
Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5.6.6.
- CVE-2022-1061Mar 24, 2022risk 0.00cvss —epss 0.01
Heap Buffer Overflow in parseDragons in GitHub repository radareorg/radare2 prior to 5.6.8.
- CVE-2022-1031Mar 22, 2022risk 0.00cvss —epss 0.01
Use After Free in op_is_set_bp in GitHub repository radareorg/radare2 prior to 5.6.6.
- CVE-2022-0849Mar 5, 2022risk 0.00cvss —epss 0.01
Use After Free in r_reg_get_name_idx in GitHub repository radareorg/radare2 prior to 5.6.6.
- CVE-2021-4021Feb 24, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an ELF64 binary for MIPS architecture can lead to uncontrolled resource consumption and DoS.
- CVE-2022-0695Feb 24, 2022risk 0.00cvss —epss 0.01
Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4.
- CVE-2022-0476Feb 23, 2022risk 0.00cvss —epss 0.01
Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4.
- CVE-2022-0713Feb 22, 2022risk 0.00cvss —epss 0.01
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4.
- CVE-2022-0712Feb 22, 2022risk 0.00cvss —epss 0.01
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.4.
- CVE-2022-0676Feb 22, 2022risk 0.00cvss —epss 0.01
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4.
- CVE-2022-0559Feb 16, 2022risk 0.00cvss —epss 0.01
Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.
- CVE-2022-0522Feb 8, 2022risk 0.00cvss —epss 0.01
Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2.
Page 6 of 9