Radare: >> Radare2 >> 5.3.0 Security Vulnerabilities
radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-11-22
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-10-28
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-10-28
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.
CVSS Score
5.1
EPSS Score
0.001
Published
2023-10-20
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.
CVSS Score
7.3
EPSS Score
0.003
Published
2023-08-14
Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function. This allow attackers to create malicious inputs that can cause denial of service.
CVSS Score
10.0
EPSS Score
0.002
Published
2023-07-07
Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will allow attackers to cause denial of service.
CVSS Score
10.0
EPSS Score
0.003
Published
2023-07-07
Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6.
CVSS Score
7.5
EPSS Score
0.005
Published
2023-03-23
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2.
CVSS Score
8.6
EPSS Score
0.002
Published
2023-01-15
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2.
CVSS Score
4.4
EPSS Score
0.001
Published
2022-12-29