Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Radare Subscribe
Total 149 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-14016 1 Radare 1 Radare2 2020-10-15 4.3 MEDIUM 5.5 MEDIUM
The r_bin_mdmp_init_directory_entry function in mdmp.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Mini Crash Dump file.
CVE-2018-11383 1 Radare 1 Radare2 2020-08-24 4.3 MEDIUM 5.5 MEDIUM
The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c.
CVE-2018-20455 1 Radare 1 Radare2 2020-08-24 4.3 MEDIUM 5.5 MEDIUM
In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash via a stack-based buffer overflow) by crafting an input file, a related issue to CVE-2018-20456.
CVE-2018-20460 1 Radare 1 Radare2 2020-08-24 4.3 MEDIUM 5.5 MEDIUM
In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service (application crash caused by stack-based buffer overflow) by crafting an input file.
CVE-2018-15834 1 Radare 1 Radare2 2020-08-24 4.3 MEDIUM 5.5 MEDIUM
In radare2 before 2.9.0, a heap overflow vulnerability exists in the read_module_referenced_functions function in libr/anal/flirt.c via a crafted flirt signature file.
CVE-2017-9949 1 Radare 1 Radare2 2019-10-03 6.8 MEDIUM 7.8 HIGH
The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer underflow in fs/ext2.c in GNU GRUB 2.02.
CVE-2018-8809 1 Radare 1 Radare2 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik_op function of anal_dalvik.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file.
CVE-2017-7854 1 Radare 1 Radare2 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.
CVE-2018-10186 1 Radare 1 Radare2 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
In radare2 2.5.0, there is a heap-based buffer over-read in the r_hex_bin2str function (libr/util/hex.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. This issue is different from CVE-2017-15368.
CVE-2017-7716 1 Radare 1 Radare2 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.
CVE-2017-15368 1 Radare 1 Radare2 2019-10-03 6.8 MEDIUM 7.8 HIGH
The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted WASM file that triggers an incorrect r_hex_bin2str call.
CVE-2018-8808 1 Radare 1 Radare2 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file.
CVE-2018-8810 1 Radare 1 Radare2 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
In radare2 2.4.0, there is a heap-based buffer over-read in the get_ivar_list_t function of mach0_classes.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted Mach-O file.
CVE-2018-10187 1 Radare 1 Radare2 2019-10-03 4.3 MEDIUM 5.5 MEDIUM
In radare2 2.5.0, there is a heap-based buffer over-read in the dalvik_op function (libr/anal/p/anal_dalvik.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. Note that this issue is different from CVE-2018-8809, which was patched earlier.
CVE-2018-19842 1 Radare 1 Radare2 2018-12-31 4.3 MEDIUM 5.5 MEDIUM
getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (stack-based buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2.
CVE-2018-19843 1 Radare 1 Radare2 2018-12-31 4.3 MEDIUM 5.5 MEDIUM
opmov in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2.
CVE-2018-20461 1 Radare 1 Radare2 2018-12-31 4.3 MEDIUM 5.5 MEDIUM
In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c allows attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a binary file.
CVE-2018-20456 1 Radare 1 Radare2 2018-12-31 4.3 MEDIUM 5.5 MEDIUM
In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash in libr/util/strbuf.c via a stack-based buffer over-read) by crafting an input file, a related issue to CVE-2018-20455.
CVE-2018-12322 1 Radare 1 Radare2 2018-08-02 4.3 MEDIUM 5.5 MEDIUM
There is a heap out of bounds read in radare2 2.6.0 in _6502_op() in libr/anal/p/anal_6502.c via a crafted iNES ROM binary file.
CVE-2018-12321 1 Radare 1 Radare2 2018-08-02 6.8 MEDIUM 7.8 HIGH
There is a heap out of bounds read in radare2 2.6.0 in java_switch_op() in libr/anal/p/anal_java.c via a crafted Java binary file.