U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:radare:radare2:5.7.4:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 9 matching records.
Displaying matches 1 through 9.
Vuln ID Summary CVSS Severity
CVE-2023-47016

radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h.

Published: November 22, 2023; 2:15:07 AM -0500 		V3.1: 7.5 HIGH
 V2.0:(not available)
CVE-2023-46570

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h.

Published: October 27, 2023; 10:15:07 PM -0400 		V3.1: 9.8 CRITICAL
 V2.0:(not available)
CVE-2023-46569

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h.

Published: October 27, 2023; 10:15:07 PM -0400 		V3.1: 9.8 CRITICAL
 V2.0:(not available)
CVE-2023-5686

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

Published: October 20, 2023; 1:15:08 PM -0400 		V3.1: 8.8 HIGH
 V2.0:(not available)
CVE-2023-4322

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

Published: August 14, 2023; 12:15:09 PM -0400 		V3.1: 9.8 CRITICAL
 V2.0:(not available)
CVE-2023-1605

Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6.

Published: March 23, 2023; 3:15:12 PM -0400 		V3.1: 7.5 HIGH
 V2.0:(not available)
CVE-2023-0302

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2.

Published: January 14, 2023; 8:15:15 PM -0500 		V3.1: 7.8 HIGH
 V2.0:(not available)
CVE-2022-4843

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2.

Published: December 29, 2022; 1:15:10 PM -0500 		V3.1: 7.5 HIGH
 V2.0:(not available)
CVE-2022-4398

Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0.

Published: December 10, 2022; 3:15:10 PM -0500 		V3.1: 7.8 HIGH
 V2.0:(not available)