Vulnerabilities > Radare

DATE CVE VULNERABILITY TITLE RISK
2022-02-08 CVE-2022-0522 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2.
local
low complexity
radare fedoraproject CWE-119
7.1
7.1
2022-02-08 CVE-2022-0523 Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.
local
low complexity
radare fedoraproject
7.8
7.8
2022-02-08 CVE-2022-0139 Unspecified vulnerability in Radare Radare2
Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0.
network
low complexity
radare
critical
 9.8
9.8
2022-02-01 CVE-2022-0419 NULL Pointer Dereference vulnerability in multiple products
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.0.
local
low complexity
radare fedoraproject CWE-476
5.5
5.5
2022-01-11 CVE-2022-0173 Out-of-bounds Read vulnerability in multiple products
radare2 is vulnerable to Out-of-bounds Read
local
low complexity
radare fedoraproject CWE-125
5.5
5.5
2021-08-02 CVE-2021-3673 Unchecked Return Value vulnerability in multiple products
A vulnerability was found in Radare2 in version 5.3.1.
network
low complexity
radare fedoraproject CWE-252
7.5
7.5
2021-07-14 CVE-2020-24133 Out-of-bounds Write vulnerability in Radare Radare2-Extras
A heap buffer overflow vulnerability in the r_asm_swf_disass function of Radare2-extras before commit e74a93c allows attackers to execute arbitrary code or carry out denial of service (DOS) attacks.
network
low complexity
radare CWE-787
critical
 9.8
9.8
2021-05-14 CVE-2021-32613 Double Free vulnerability in multiple products
In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS.
local
low complexity
radare fedoraproject CWE-415
5.5
5.5
2020-08-11 CVE-2020-17487 radare2 4.5.0 misparses signature information in PE files, causing a segmentation fault in r_x509_parse_algorithmidentifier in libr/util/x509.c.
network
low complexity
radare fedoraproject
7.5
7.5
2020-08-03 CVE-2020-16269 radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parse_typedef in type_dwarf.c via a malformed DW_AT_name in the .debug_info section.
local
low complexity
radare fedoraproject
5.5
5.5