pancake

71 exploits Active since Feb 2017
CVE-2018-11381 WRITEUP MEDIUM
radare2 2.5.0 - Denial of Service via Heap-Based Out-of-Bounds Read in string_scan_range()
The string_scan_range() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.
CVSS 5.5
CVE-2018-11382 WRITEUP MEDIUM
radare2 2.5.0 - Denial of Service via Crafted Binary File
The _inst__sts() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.
CVSS 5.5
CVE-2018-11383 WRITEUP MEDIUM
radare2 2.5.0 - Denial of Service via Crafted ELF File in CPSE Handler
The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c.
CVSS 5.5
CVE-2018-11384 WRITEUP MEDIUM
radare2 2.5.0 - Denial of Service via Crafted ELF File
The sh_op() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file.
CVSS 5.5
CVE-2018-12320 WRITEUP HIGH
radare2 2.6.0 - Use-After-Free in r_anal_bb_free() via Crafted Java Binary
There is a use after free in radare2 2.6.0 in r_anal_bb_free() in libr/anal/bb.c via a crafted Java binary file.
CVSS 7.8
CVE-2018-12321 WRITEUP HIGH
radare2 2.6.0 - Heap Out-of-Bounds Read in Java Binary Parser
There is a heap out of bounds read in radare2 2.6.0 in java_switch_op() in libr/anal/p/anal_java.c via a crafted Java binary file.
CVSS 7.8
CVE-2018-12322 WRITEUP MEDIUM
radare2 2.6.0 - Heap Out-of-bounds Read in 6502 Analyzer
There is a heap out of bounds read in radare2 2.6.0 in _6502_op() in libr/anal/p/anal_6502.c via a crafted iNES ROM binary file.
CVSS 5.5
CVE-2018-20458 WRITEUP MEDIUM
radare2 < 3.1.1 - Denial of Service via Out-of-bounds Read in r_bin_dyldcache_extract
In radare2 prior to 3.1.1, r_bin_dyldcache_extract in libr/bin/format/mach0/dyldcache.c may allow attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting an input file.
CVSS 5.5
CVE-2018-20460 WRITEUP MEDIUM
radare2 < 3.1.2 - Denial of Service via parseOperands Stack-Based Buffer Overflow
In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service (application crash caused by stack-based buffer overflow) by crafting an input file.
CVSS 5.5
CVE-2019-16718 WRITEUP HIGH
radare2 < 3.9.0 - OS Command Injection via Crafted Executable Symbol Names
In radare2 before 3.9.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is due to an insufficient fix for CVE-2019-14745 and improper handling of symbol names embedded in executables.
CVSS 7.8
CVE-2021-32494 WRITEUP CRITICAL
radare2 - Denial of Service via Mach-O Parser Rebase Buffer Division By Zero
Radare2 has a division by zero vulnerability in the Mach-O parser's rebase_buffer function. This allows attackers to create malicious inputs that can cause denial of service.
CVSS 10.0
CVE-2021-32495 WRITEUP CRITICAL
radare2 - Use-After-Free in pyc Parser get_none_object Function
Radare2 has a use-after-free vulnerability in the pyc parser's get_none_object function. An attacker can read freed memory afterwards. This will allow attackers to cause denial of service.
CVSS 10.0
CVE-2021-32613 WRITEUP MEDIUM
radare2 < 5.3.0 - Double Free in pyc Parser
In radare2 through 5.3.0 there is a double free vulnerability in the pyc parser via a crafted file, which can lead to DoS.
CVSS 5.5
CVE-2022-0419 WRITEUP MEDIUM
radare2 < 5.6.0 - NULL Pointer Dereference
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.0.
CVSS 5.5
CVE-2022-0476 WRITEUP MEDIUM
radare2 < 5.6.4 - Denial of Service
Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4.
CVSS 5.5
CVE-2022-0559 WRITEUP CRITICAL
radareorg/radare2 < 5.6.2 - Use After Free
Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.
CVSS 9.8
CVE-2022-0676 WRITEUP HIGH
radareorg/radare2 < 5.6.4 - Buffer Overflow
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4.
CVSS 7.8
CVE-2022-0695 WRITEUP MEDIUM
radare2 < 5.6.4 - Denial of Service
Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4.
CVSS 5.5
CVE-2022-0712 WRITEUP MEDIUM
radare2 < 5.6.4 - NULL Pointer Dereference
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.4.
CVSS 5.5
CVE-2022-0713 WRITEUP HIGH
radare2 < 5.6.4 - Heap-based Buffer Overflow
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4.
CVSS 7.1
CVE-2022-1031 WRITEUP HIGH
radare2 < 5.6.6 - Use-After-Free in op_is_set_bp
Use After Free in op_is_set_bp in GitHub repository radareorg/radare2 prior to 5.6.6.
CVSS 7.8
CVE-2022-1052 WRITEUP MEDIUM
radare2 < 5.6.6 - Heap-based Buffer Overflow in iterate_chained_fixups
Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5.6.6.
CVSS 5.5
CVE-2022-1207 WRITEUP MEDIUM
radare2 < 5.6.8 - Out-of-bounds Read
Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to read sensitive information from outside the allocated buffer boundary.
CVSS 6.6
CVE-2022-1237 WRITEUP HIGH
radare2 < 5.6.8 - Heap Overflow via Improper Array Index Validation
Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is a heap overflow and may be exploitable. For a more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html).
CVSS 7.8
CVE-2022-1238 WRITEUP HIGH
radare2 < 5.6.8 - Heap-Based Buffer Overflow in NE Format Parser
Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is a heap overflow and may be exploitable. For a more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html).
CVSS 7.8