Vulnerabilities > Radare > Radare2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-08 | CVE-2022-0523 | Use After Free vulnerability in multiple products Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. | 7.8 |
| 2022-02-08 | CVE-2022-0139 | Use After Free vulnerability in Radare Radare2 Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0. | 9.8 |
| 2022-02-01 | CVE-2022-0419 | NULL Pointer Dereference vulnerability in multiple products NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.0. | 5.5 |
| 2022-01-11 | CVE-2022-0173 | Out-of-bounds Read vulnerability in multiple products radare2 is vulnerable to Out-of-bounds Read | 5.5 |
| 2021-08-02 | CVE-2021-3673 | Unchecked Return Value vulnerability in multiple products A vulnerability was found in Radare2 in version 5.3.1. | 7.5 |
| 2021-05-14 | CVE-2021-32613 | Double Free vulnerability in multiple products In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS. | 5.5 |
| 2020-08-11 | CVE-2020-17487 | radare2 4.5.0 misparses signature information in PE files, causing a segmentation fault in r_x509_parse_algorithmidentifier in libr/util/x509.c. | 7.5 |
| 2020-08-03 | CVE-2020-16269 | radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parse_typedef in type_dwarf.c via a malformed DW_AT_name in the .debug_info section. | 5.5 |
| 2020-07-20 | CVE-2020-15121 | OS Command Injection vulnerability in multiple products In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. | 9.6 |
| 2019-12-09 | CVE-2019-19647 | NULL Pointer Dereference vulnerability in multiple products radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write. | 7.8 |