VYPR

IDA Pro

by Hex Rays

CVEs (12)

  • CVE-2026-45181MedMay 9, 2026
    risk 0.42cvss 6.5epss 0.00

    Hex-Rays IDA Pro 9.2 and 9.3 before 9.3sp2 does not block Clang dependency-file generation (via argument injection), which allows attackers to place their code into a plugins directory if the victim uses an attacker-supplied .i64 file.

  • CVE-2024-44083Aug 19, 2024
    risk 0.01cvss epss 0.01

    ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked. NOTE: in many use cases, this is an inconvenience but not a security issue.

  • CVE-2022-32441Jul 7, 2022
    risk 0.00cvss epss 0.01

    A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service (DoS) via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056.

  • CVE-2014-9458Jan 2, 2015
    risk 0.00cvss epss 0.02

    Heap-based buffer overflow in the GDB debugger module in Hex-Rays IDA Pro before 6.6 cumulative fix 2014-12-24 allows remote GDB servers to have unspecified impact via unknown vectors.

  • CVE-2011-1054Feb 21, 2011
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the PEF input file loader in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors.

  • CVE-2011-1053Feb 21, 2011
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Mach-O input file loader in Hex-Rays IDA Pro 5.7 and 6.0 allows user-assisted remote attackers to cause a denial of service (out-of-memory exception and inability to analyze code) via a crafted Mach-O file.

  • CVE-2011-1052Feb 21, 2011
    risk 0.00cvss epss 0.01

    Integer overflow in the PSX/GEOS input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to memory allocation.

  • CVE-2011-1051Feb 21, 2011
    risk 0.00cvss epss 0.01

    Integer overflow in the COFF/EPOC/EXPLOAD input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to memory allocation.

  • CVE-2011-1050Feb 21, 2011
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to "converson of string encodings" and "inconsistencies in the handling of UTF8 sequences by the user interface."

  • CVE-2011-1049Feb 21, 2011
    risk 0.00cvss epss 0.04

    Buffer overflow in the Mach-O input file loader in Hex-Rays IDA Pro 5.7 and 6.0 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Macho-O file.

  • CVE-2007-1666Mar 24, 2007
    risk 0.00cvss epss 0.03

    The processor_request function in the debugger server for DataRescue IDA Pro 5.0 and 5.1 does not verify that authentication has taken place before invoking the perform_request function, which allows remote attackers to perform unauthorized actions.

  • CVE-2005-0770May 2, 2005
    risk 0.00cvss epss 0.03

    Format string vulnerability in DataRescue Interactive Disassembler and Debugger (IDA) Pro 4.7.0.830 allows remote attackers or local users to cause a denial of service (CPU consumption or application crash) and possibly execute arbitrary code via format string specifiers in a…