Vulnerabilities > Radare > Radare2 > 3.8.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-02-08 | CVE-2022-0518 | Out-of-bounds Write vulnerability in multiple products Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.2. | 7.1 |
2022-02-08 | CVE-2022-0519 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2. | 7.1 |
2022-02-08 | CVE-2022-0520 | Use After Free vulnerability in multiple products Use After Free in NPM radare2.js prior to 5.6.2. | 7.8 |
2022-02-08 | CVE-2022-0521 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2. | 7.1 |
2022-02-08 | CVE-2022-0522 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2. | 7.1 |
2022-02-08 | CVE-2022-0523 | Use After Free vulnerability in multiple products Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. | 7.8 |
2022-02-08 | CVE-2022-0139 | Use After Free vulnerability in Radare Radare2 Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0. | 7.5 |
2021-05-14 | CVE-2021-32613 | Double Free vulnerability in multiple products In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS. | 5.5 |
2020-07-20 | CVE-2020-15121 | OS Command Injection vulnerability in multiple products In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. | 9.6 |
2019-12-09 | CVE-2019-19647 | NULL Pointer Dereference vulnerability in multiple products radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write. | 7.8 |