Product:

Radare2

(Radare)
Repositories https://github.com/radare/radare2
https://github.com/devnexen/radare2
#Vulnerabilities 132
Date Id Summary Products Score Patch Annotated
2022-08-19 CVE-2020-27795 A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when command "adf" has no or wrong argument, anal_fcn_data (core, input + 1) --> RAnalFunction *fcn = r_anal_get_fcn_in (core->anal, core->offset, -1); returns null pointer for fcn causing segmentation fault later in ensure_fcn_range (fcn). Radare2 7.5
2022-12-10 CVE-2022-4398 Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0. Radare2 7.8
2022-12-29 CVE-2022-4843 NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2. Radare2 7.5
2023-01-15 CVE-2023-0302 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2. Radare2 7.8
2023-03-10 CVE-2023-27114 radare2 v5.8.3 was discovered to contain a segmentation fault via the component wasm_dis at p/wasm/wasm.c. Radare2 5.5
2023-03-23 CVE-2023-1605 Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6. Radare2 7.5
2023-07-07 CVE-2021-32494 Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function. This allow attackers to create malicious inputs that can cause denial of service. Radare2 7.5
2023-07-07 CVE-2021-32495 Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will allow attackers to cause denial of service. Radare2 9.1
2023-08-14 CVE-2023-4322 Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. Fedora, Radare2 9.8
2023-08-22 CVE-2022-28068 A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0. Radare2 7.5