CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-27793
https://notcve.org/view.php?id=CVE-2020-27793
19 Aug 2022 — An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c. This could allow an attacker to cause a crash, and perform a denail of service attack. Se ha detectado un fallo de desbordamiento de memoria uno a uno en radare2 debido a una longitud de matriz no coincidente en el archivo core_java.c. Esto podría permitir a un atacante causar un fallo y llevar a cabo un ataque de denegación de servicio. • https://github.com/radareorg/radare2/commit/ced0223c7a1b3b5344af315715cd28fe7c0d9ebc • CWE-193: Off-by-one Error •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-27795
https://notcve.org/view.php?id=CVE-2020-27795
19 Aug 2022 — A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when command "adf" has no or wrong argument, anal_fcn_data (core, input + 1) --> RAnalFunction *fcn = r_anal_get_fcn_in (core->anal, core->offset, -1); returns null pointer for fcn causing segmentation fault later in ensure_fcn_range (fcn). Se ha detectado un fallo de segmentación en radare2 con el comando adf. En el archivo libr/core/cmd_anal.c, cuando el comando "adf" no presenta argumento o es erróneo, anal_fcn_data... • https://github.com/radareorg/radare2/commit/4d3811681a80f92a53e795f6a64c4b0fc2c8dd22 • CWE-908: Use of Uninitialized Resource •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1899 – Out-of-bounds Read in radareorg/radare2
https://notcve.org/view.php?id=CVE-2022-1899
26 May 2022 — Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0. Una Lectura Fuera de Límites en el repositorio GitHub radareorg/radare2 versiones anteriores a 5.7.0 • https://github.com/radareorg/radare2/commit/193f4fe01d7f626e2ea937450f2e0c4604420e9d • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 3CVE-2021-44974
https://notcve.org/view.php?id=CVE-2021-44974
25 May 2022 — radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser. radareorg radare2 versión 5.5.2, es vulnerable a una Desreferencia de Puntero NULL por medio del analizador de símbolos binarios libr/bin/p/bin_symbols.c • http://www.openwall.com/lists/oss-security/2022/05/25/1 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1809 – Access of Uninitialized Pointer in radareorg/radare2
https://notcve.org/view.php?id=CVE-2022-1809
21 May 2022 — Access of Uninitialized Pointer in GitHub repository radareorg/radare2 prior to 5.7.0. Un Acceso de Puntero no Inicializado en el repositorio GitHub radareorg/radare2 versiones anteriores a 5.7.0 • https://github.com/radareorg/radare2/commit/919e3ac1a13f753c73e7a8e8d8bb4a143218732d • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.9EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1714 – Out-of-bounds Read in radareorg/radare2
https://notcve.org/view.php?id=CVE-2022-1714
13 May 2022 — Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. Un Desbordamiento de Búfer en la Región Heap de la Memoria en el repositorio GitHub radareorg/radare2 versiones anteriores a 5.7.0. El bug causa que el programa lea datos más allá del final del búfer previsto. • https://github.com/radareorg/radare2/commit/3ecdbf8e21186a9c5a4d3cfa3b1e9fd27045340e • CWE-125: Out-of-bounds Read •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1649 – Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in radareorg/radare2
https://notcve.org/view.php?id=CVE-2022-1649
10 May 2022 — Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/476.html). Una Desreferencia de puntero Null en el archivo libr/bin/format/mach0/mach0.c en radareorg/radare2 en el repositorio de GitHub radareorg/radare2 versiones anteriores a 5.7.0. Es probable que pueda ser explotada. • https://github.com/radareorg/radare2/commit/a5aafb99c3965259c84ddcf45a91144bf7eb4cf1 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1451 – Out-of-bounds Read in r_bin_java_constant_value_attr_new function in radareorg/radare2
https://notcve.org/view.php?id=CVE-2022-1451
24 Apr 2022 — Out-of-bounds Read in r_bin_java_constant_value_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. More details see [CWE-125: Out-of-bounds read](https://cwe.mitre.org/data/definitions/125.html). Una Lectura fuera de Límites en la función r_bin_java_constant_value_attr_new en el repositorio GitHub rada... • https://github.com/radareorg/radare2/commit/0927ed3ae99444e7b47b84e43118deb10fe37529 • CWE-125: Out-of-bounds Read CWE-788: Access of Memory Location After End of Buffer •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1452 – Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function in radareorg/radare2
https://notcve.org/view.php?id=CVE-2022-1452
24 Apr 2022 — Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. More details see [CWE-125: Out-of-bounds read](https://cwe.mitre.org/data/definitions/125.html). Una Lectura fuera de Límites en la función r_bin_java_bootstrap_methods_attr_new en el repositorio GitHu... • https://github.com/radareorg/radare2/commit/ecc44b6a2f18ee70ac133365de0e509d26d5e168 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1444 – heap-use-after-free in radareorg/radare2
https://notcve.org/view.php?id=CVE-2022-1444
23 Apr 2022 — heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.7.0. This vulnerability is capable of inducing denial of service. Un uso de memoria previamente liberada en el repositorio GitHub radareorg/radare2 versiones anteriores a 5.7.0. Esta vulnerabilidad es capaz de inducir una denegación de servicio • https://github.com/radareorg/radare2/commit/14189710859c27981adb4c2c2aed2863c1859ec5 • CWE-416: Use After Free •