Radare: Security Vulnerabilities
Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2.
CVSS Score
6.3
EPSS Score
0.004
Published
2022-02-08
Use After Free in NPM radare2.js prior to 5.6.2.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-02-08
Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2.
CVSS Score
6.3
EPSS Score
0.004
Published
2022-02-08
Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0.
CVSS Score
7.1
EPSS Score
0.004
Published
2022-02-08
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.0.
CVSS Score
5.9
EPSS Score
0.002
Published
2022-02-01
radare2 is vulnerable to Out-of-bounds Read
CVSS Score
9.6
EPSS Score
0.004
Published
2022-01-11
A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a crafted LE binary can lead to resource exhaustion and DoS.
CVSS Score
7.5
EPSS Score
0.006
Published
2021-08-02
A heap buffer overflow vulnerability in the r_asm_swf_disass function of Radare2-extras before commit e74a93c allows attackers to execute arbitrary code or carry out denial of service (DOS) attacks.
CVSS Score
9.8
EPSS Score
0.023
Published
2021-07-14
In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS.
CVSS Score
5.5
EPSS Score
0.003
Published
2021-05-14
radare2 4.5.0 misparses signature information in PE files, causing a segmentation fault in r_x509_parse_algorithmidentifier in libr/util/x509.c. This is due to a malformed object identifier in IMAGE_DIRECTORY_ENTRY_SECURITY.
CVSS Score
7.5
EPSS Score
0.005
Published
2020-08-11