| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. |
| Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. |
| Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2. |
| Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2. |
| Use After Free in NPM radare2.js prior to 5.6.2. |
| Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2. |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.2. |
| Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4. |
| NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.0. |
| radare2 is vulnerable to Out-of-bounds Read |
| Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0. |
| A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an ELF64 binary for MIPS architecture can lead to uncontrolled resource consumption and DoS. |
| radareorg radare2 5.5.2 is vulnerable to Buffer Overflow via /libr/core/anal_objc.c mach-o parser. |
| radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser. |
| A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a crafted LE binary can lead to resource exhaustion and DoS. |
| In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS. |
| Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will allow attackers to cause denial of service.
|
| Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function. This allow attackers to create malicious inputs that can cause denial of service.
|
| A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when command "adf" has no or wrong argument, anal_fcn_data (core, input + 1) --> RAnalFunction *fcn = r_anal_get_fcn_in (core->anal, core->offset, -1); returns null pointer for fcn causing segmentation fault later in ensure_fcn_range (fcn). |
| A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing a crash. |
