| CVE-2022-0419 |
AVG-2748 |
Medium |
Unknown |
Unknown |
NULL pointer dereference in load_buffer |
| CVE-2021-44975 |
AVG-2748 |
Unknown |
Unknown |
Unknown |
Buffer Overflow via /libr/core/anal_objc.c mach-o parser |
| CVE-2021-44974 |
AVG-2748 |
Unknown |
Unknown |
Unknown |
NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser |
| CVE-2021-32613 |
AVG-1950 |
Low |
No |
Denial of service |
In radare2 through 5.3.0 there is a double free vulnerability in the pyc parser via a crafted file which can lead to denial of service. |
| CVE-2021-4021 |
AVG-2583 |
Low |
No |
Denial of service |
A vulnerability was found in Radare2 5.5.0 and in previous versions. Mapping a huge section filled with zeros of an ELF64 binary for MIPS architecture can... |
| CVE-2021-3673 |
AVG-2245 |
Low |
No |
Denial of service |
A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a crafted LE binary can lead to resource exhaustion and denial... |
| CVE-2018-11384 |
AVG-709 |
Medium |
Yes |
Denial of service |
The sh_op() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a... |
| CVE-2018-11383 |
AVG-709 |
Medium |
Yes |
Denial of service |
The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF... |
| CVE-2018-11382 |
AVG-709 |
Medium |
Yes |
Denial of service |
The _inst__sts() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a... |
| CVE-2018-11381 |
AVG-709 |
Medium |
Yes |
Denial of service |
The string_scan_range() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash)... |
| CVE-2018-11380 |
AVG-709 |
Medium |
Yes |
Denial of service |
The parse_import_ptr() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash)... |
| CVE-2018-11379 |
AVG-709 |
Medium |
Yes |
Denial of service |
The get_debug_info() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash)... |
| CVE-2018-11378 |
AVG-709 |
High |
Yes |
Arbitrary code execution |
The wasm_dis() function in libr/asm/arch/wasm/wasm.c has a stack- buffer overflow that may result in denial-of-service or possibly have unspecified other... |
| CVE-2018-11377 |
AVG-709 |
Medium |
Yes |
Denial of service |
The avr_op_analyze() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash)... |
| CVE-2018-11376 |
AVG-709 |
Medium |
Yes |
Denial of service |
The r_read_le32() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a... |
| CVE-2018-11375 |
AVG-709 |
Medium |
Yes |
Denial of service |
The _inst__lds() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a... |