Radare

Radare2

148 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2021-3673

Exploit
  • EPSS 0.65%
  • Veröffentlicht 02.08.2021 19:15:13
  • Zuletzt bearbeitet 21.11.2024 06:22:07

A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a crafted LE binary can lead to resource exhaustion and DoS.

5.5

CVE-2021-32613

Exploit
  • EPSS 0.35%
  • Veröffentlicht 14.05.2021 13:15:07
  • Zuletzt bearbeitet 21.11.2024 06:07:22

In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS.

7.5

CVE-2020-17487

Exploit
  • EPSS 0.52%
  • Veröffentlicht 11.08.2020 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:08:12

radare2 4.5.0 misparses signature information in PE files, causing a segmentation fault in r_x509_parse_algorithmidentifier in libr/util/x509.c. This is due to a malformed object identifier in IMAGE_DIRECTORY_ENTRY_SECURITY.

5.5

CVE-2020-16269

Exploit
  • EPSS 0.34%
  • Veröffentlicht 03.08.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 05:07:04

radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parse_typedef in type_dwarf.c via a malformed DW_AT_name in the .debug_info section.

9.6

CVE-2020-15121

  • EPSS 0.59%
  • Veröffentlicht 20.07.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 05:04:51

In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will...

7.8

CVE-2019-19647

Exploit
  • EPSS 0.49%
  • Veröffentlicht 09.12.2019 01:15:10
  • Zuletzt bearbeitet 21.11.2024 04:35:07

radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a denial of service (application crash) or possibly ...

7.8

CVE-2019-19590

Exploit
  • EPSS 3.05%
  • Veröffentlicht 05.12.2019 02:15:19
  • Zuletzt bearbeitet 21.11.2024 04:35:00

In radare2 through 4.0, there is an integer overflow for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c. This integer overflow will result in a Use-After-Free for the buffer tokens, which can be filled with arbitrary ma...

7.8

CVE-2019-16718

  • EPSS 1.34%
  • Veröffentlicht 23.09.2019 14:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:03

In radare2 before 3.9.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is du...

7.8

CVE-2019-14745

Exploit
  • EPSS 7.08%
  • Veröffentlicht 07.08.2019 15:15:14
  • Zuletzt bearbeitet 21.11.2024 04:27:15

In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is du...

5.5

CVE-2019-12865

Exploit
  • EPSS 0.26%
  • Veröffentlicht 17.06.2019 23:15:13
  • Zuletzt bearbeitet 21.11.2024 04:23:44

In radare2 through 3.5.1, cmd_mount in libr/core/cmd_mount.c has a double free for the ms command.