Shodan
Vulnerabilities
Vulnerable Software
Radare:  >> Radare2  Security Vulnerabilities
CVE-2025-5648
A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The name of the patch is 5705d99cc1f23f36f9a84aab26d1724010b97798. It is recommended to apply a patch to fix this issue. The documentation explains that the parameter -T is experimental and "crashy". Further analysis has shown "the race is not a real problem unless you use asan". A new warning has been added.
CVSS Score
2.5
EPSS Score
0.0
Published
2025-06-05
CVE-2024-29646
Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the name, type, or group fields.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-12-17
CVE-2024-48241
An issue in radare2 v5.8.0 through v5.9.4 allows a local attacker to cause a denial of service via the __bf_div function.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-10-30
CVE-2024-26475
An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the grub_sfs_read_extent function.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-03-14
CVE-2023-47016
radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-11-22
CVE-2023-46569
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-10-28
CVE-2023-46570
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-10-28
CVE-2023-5686
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.
CVSS Score
5.1
EPSS Score
0.0
Published
2023-10-20
CVE-2022-28068
A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-08-22
CVE-2022-28069
A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-08-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved