Rizin

Rizin

17 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2026-22780

  • EPSS 0%
  • Veröffentlicht 02.02.2026 23:16:06
  • Zuletzt bearbeitet 20.02.2026 21:12:28

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is f...

9.1

CVE-2024-31668

  • EPSS 0.09%
  • Veröffentlicht 17.12.2024 22:15:06
  • Zuletzt bearbeitet 03.07.2025 00:30:34

rizin before v0.6.3 is vulnerable to Improper Neutralization of Special Elements via meta_set function in librz/analysis/meta.

6.3

CVE-2024-31670

  • EPSS 0.07%
  • Veröffentlicht 12.12.2024 18:15:23
  • Zuletzt bearbeitet 02.07.2025 20:05:47

rizin before v0.6.3 is vulnerable to Buffer Overflow via create_cache_bins, read_cache_accel, and rz_dyldcache_new_buf functions in librz/bin/format/mach0/dyldcache.c.

7.5

CVE-2024-31669

  • EPSS 0.08%
  • Veröffentlicht 02.12.2024 15:15:11
  • Zuletzt bearbeitet 02.07.2025 20:36:02

rizin before Release v0.6.3 is vulnerable to Uncontrolled Resource Consumption via bin_pe_parse_imports, Pe_r_bin_pe_parse_var, and estimate_slide.

7.8

CVE-2023-40022

  • EPSS 0.07%
  • Veröffentlicht 24.08.2023 23:15:09
  • Zuletzt bearbeitet 21.11.2024 08:18:31

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.6.0 and prior are vulnerable to integer overflow in `consume_count` of `src/gnu_v2/cplus-dem.c`. The overflow check is valid logic but, is missing the modulus if ...

5.5

CVE-2023-30226

  • EPSS 0.04%
  • Veröffentlicht 12.07.2023 02:15:09
  • Zuletzt bearbeitet 21.11.2024 07:59:55

An issue was discovered in function get_gnu_verneed in rizinorg Rizin prior to 0.5.0 verneed_entry allows attackers to cause a denial of service via crafted elf file.

7.8

CVE-2021-3674

Exploit
  • EPSS 0.1%
  • Veröffentlicht 24.03.2023 20:15:08
  • Zuletzt bearbeitet 25.02.2025 17:15:10

A flaw was found in rizin. The create_section_from_phdr function allocates space for ELF section data by processing the headers. Crafted values in the headers can cause out of bounds reads, which can lead to memory corruption and possibly code execut...

7.8

CVE-2023-27590

  • EPSS 0.04%
  • Veröffentlicht 14.03.2023 21:15:10
  • Zuletzt bearbeitet 21.11.2024 07:53:12

Rizin is a UNIX-like reverse engineering framework and command-line toolset. In version 0.5.1 and prior, converting a GDB registers profile file into a Rizin register profile can result in a stack-based buffer overflow when the `name`, `type`, or `gr...

7.8

CVE-2022-36044

  • EPSS 0.16%
  • Veröffentlicht 06.09.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 07:12:15

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from Luac files. A user opening a malicious Luac file could be affected by this vulnerabi...

7.8

CVE-2022-36043

  • EPSS 0.17%
  • Veröffentlicht 06.09.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 07:12:15

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to a double free in bobj.c:rz_bin_reloc_storage_free() when freeing relocations generated from qnx binary plugin. A user opening a ma...