Radare: >> Radare2 >> 4.5.0 Security Vulnerabilities
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.2.
CVSS Score
6.3
EPSS Score
0.003
Published
2022-02-08
Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2.
CVSS Score
6.3
EPSS Score
0.004
Published
2022-02-08
Use After Free in NPM radare2.js prior to 5.6.2.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-02-08
Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2.
CVSS Score
6.3
EPSS Score
0.004
Published
2022-02-08
Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0.
CVSS Score
7.1
EPSS Score
0.004
Published
2022-02-08
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.0.
CVSS Score
5.9
EPSS Score
0.003
Published
2022-02-01
radare2 is vulnerable to Out-of-bounds Read
CVSS Score
9.6
EPSS Score
0.004
Published
2022-01-11
In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS.
CVSS Score
5.5
EPSS Score
0.004
Published
2021-05-14
radare2 4.5.0 misparses signature information in PE files, causing a segmentation fault in r_x509_parse_algorithmidentifier in libr/util/x509.c. This is due to a malformed object identifier in IMAGE_DIRECTORY_ENTRY_SECURITY.
CVSS Score
7.5
EPSS Score
0.005
Published
2020-08-11
radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parse_typedef in type_dwarf.c via a malformed DW_AT_name in the .debug_info section.
CVSS Score
5.5
EPSS Score
0.003
Published
2020-08-03