CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29645
https://notcve.org/view.php?id=CVE-2024-29645
02 Dec 2024 — Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the parse_die function. • https://gist.github.com/Crispy-fried-chicken/83f0f5e8a475284d64bf99fb342e9027 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-48241
https://notcve.org/view.php?id=CVE-2024-48241
30 Oct 2024 — An issue in radare2 v5.8.0 through v5.9.4 allows a local attacker to cause a denial of service via the __bf_div function. Un problema en radare2 v5.8.0 a v5.9.4 permite que un atacante local provoque una denegación de servicio a través de la función __bf_div. • https://github.com/St-Andrews-Bug-Busters/Vuln_info/blob/main/radare2/CVE-2024-48241.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2023-47016
https://notcve.org/view.php?id=CVE-2023-47016
22 Nov 2023 — radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h. radare2 5.8.9 tiene una lectura fuera de los límites en r_bin_object_set_items en libr/bin/bobj.c, lo que provoca un bloqueo en r_read_le32 en libr/include/r_endian.h. • https://gist.github.com/gandalf4a/65705be4f84269cb7cd725a1d4ab2ffa • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 2CVE-2023-46569
https://notcve.org/view.php?id=CVE-2023-46569
28 Oct 2023 — An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h. Existe una lectura fuera de los límites en radare2 v.5.8.9 y anteriores en la función print_insn32_fpu de libr/arch/p/nds32/nds32-dis.h. • https://gist.github.com/gandalf4a/afeaf8cc958f95876f0ee245b8a002e8 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 2CVE-2023-46570
https://notcve.org/view.php?id=CVE-2023-46570
28 Oct 2023 — An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h. Existe una lectura fuera de los límites en radare2 v.5.8.9 y anteriores en la función print_insn32 de libr/arch/p/nds32/nds32-dis.h. • https://gist.github.com/gandalf4a/d7fa58f1b3418ef08ad244acccc10ba6 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2023-5686 – Heap-based Buffer Overflow in radareorg/radare2
https://notcve.org/view.php?id=CVE-2023-5686
20 Oct 2023 — Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. Desbordamiento de búfer basado en montón en el repositorio de GitHub radareorg/radare2 antes de 5.9.0. • https://github.com/radareorg/radare2/commit/1bdda93e348c160c84e30da3637acef26d0348de • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-28068
https://notcve.org/view.php?id=CVE-2022-28068
22 Aug 2023 — A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0. Un desbordamiento del búfer del montículo en la función r_sleb128 en radare2 5.4.2 y 5.4.0. • https://github.com/radareorg/radare2/commit/637f4bd1af6752e28e0a9998e954e2e9ce6fa992 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-28069
https://notcve.org/view.php?id=CVE-2022-28069
22 Aug 2023 — A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0. Un desbordamiento del buffer heap en la función vax_op en radare2 5.4.2 y 5.4.0. • https://github.com/radareorg/radare2/commit/49b0cebfdf0db9704e36f8a5533f1df6d3e2ed3a • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-28070
https://notcve.org/view.php?id=CVE-2022-28070
22 Aug 2023 — A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0. Una desreferencia de puntero NULL en la función __core_anal_fcn en radare2 5.4.2 y 5.4.0. • https://github.com/radareorg/radare2/commit/4aff1bb00224de4f5bc118f987dfd5d2fe3450d0 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-28071
https://notcve.org/view.php?id=CVE-2022-28071
22 Aug 2023 — A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0. Un use after free en la función r_reg_get_name_idx en radare2 5.4.2 y 5.4.0. • https://github.com/radareorg/radare2/commit/65448811e5b9582a19cf631e03cfcaa025a92ef5 • CWE-416: Use After Free •