CVE-2017-9520
- EPSS 1.07%
- Veröffentlicht 08.06.2017 14:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The r_config_set function in libr/config/config.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted DEX file.
CVE-2017-7946
- EPSS 0.87%
- Veröffentlicht 18.04.2017 20:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 1.3.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted Mach0 file.
CVE-2017-7854
- EPSS 1.1%
- Veröffentlicht 13.04.2017 16:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.
CVE-2017-7716
- EPSS 0.72%
- Veröffentlicht 12.04.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.
CVE-2017-6194
- EPSS 1.88%
- Veröffentlicht 03.04.2017 05:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file.
CVE-2017-6448
- EPSS 1.74%
- Veröffentlicht 03.04.2017 05:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 1.2.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file.
CVE-2017-7274
- EPSS 1.6%
- Veröffentlicht 27.03.2017 17:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PE file.
CVE-2017-6319
- EPSS 1.24%
- Veröffentlicht 02.03.2017 01:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file.
CVE-2017-6387
- EPSS 1.06%
- Veröffentlicht 02.03.2017 01:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DEX file.
CVE-2017-6415
- EPSS 1.25%
- Veröffentlicht 02.03.2017 01:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DEX file.