CVE-2023-0302 – Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in radareorg/radare2
https://notcve.org/view.php?id=CVE-2023-0302
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2. Fallo al sanitizar elementos especiales en un plano diferente (Special Element Injection) en el repositorio de GitHub radareorg/radare2 antes de 5.8.2. • https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-75: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) •
CVE-2022-4843 – NULL Pointer Dereference in radareorg/radare2
https://notcve.org/view.php?id=CVE-2022-4843
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2. Eliminación de referencia del puntero NULL en el repositorio de GitHub radareorg/radare2 antes de 5.8.2. • https://github.com/radareorg/radare2/commit/842f809d4ec6a12af2906f948657281c9ebc8a24 https://huntr.dev/bounties/075b2760-66a0-4d38-b3b5-e9934956ab7f https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FOXRDPI3OYYKO4PKXE3XD2IFONL6BCHR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OFCCTYAD7ASNQ23ABCUPAZHEDEIOCW6T • CWE-476: NULL Pointer Dereference •
CVE-2022-4398 – Integer Overflow or Wraparound in radareorg/radare2
https://notcve.org/view.php?id=CVE-2022-4398
Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0. Desbordamiento de enteros o Wraparound en el repositorio de GitHub radareorg/radare2 anterior a 5.8.0. • https://github.com/radareorg/radare2/commit/b53a1583d05c3a5bfe5fa60da133fe59dfbb02b8 https://huntr.dev/bounties/c6f8d3ef-5420-4eba-9a5f-aba5e2b5fea2 • CWE-190: Integer Overflow or Wraparound •
CVE-2020-27794
https://notcve.org/view.php?id=CVE-2020-27794
A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing a crash. Se ha detectado un problema de doble liberación en radare2 en la función cmd_info.c:cmd_info(). Una explotación con éxito podría conllevar a una modificación de ubicaciones de memoria no esperadas y causar potencialmente un bloqueo. • https://github.com/radareorg/radare2/commit/cb8b683758edddae2d2f62e8e63a738c39f92683 https://github.com/radareorg/radare2/issues/16303 • CWE-415: Double Free •
CVE-2020-27793
https://notcve.org/view.php?id=CVE-2020-27793
An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c. This could allow an attacker to cause a crash, and perform a denail of service attack. Se ha detectado un fallo de desbordamiento de memoria uno a uno en radare2 debido a una longitud de matriz no coincidente en el archivo core_java.c. Esto podría permitir a un atacante causar un fallo y llevar a cabo un ataque de denegación de servicio. • https://github.com/radareorg/radare2/commit/ced0223c7a1b3b5344af315715cd28fe7c0d9ebc https://github.com/radareorg/radare2/issues/16304 • CWE-193: Off-by-one Error •