hex-rays 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は バッファオーバーフロー and vendor risk memory corruption に関連することが多く、vendor surface software deployment and vendor surface production workloads の文脈で アプリケーションクラッシュ and vendor impact memory corruption などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2024-44083 | ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked. NOTE: in many use cases, this is an inconvenience but not a security issue. | [email protected] | 7.5 | 8.78% | 2024-08-19 | 2025-03-18 |
| CVE-2022-32441 | A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service (DoS) via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056. | [email protected] | 5.5 | 0.18% | 2022-07-07 | 2024-11-21 |
| CVE-2014-9458 | Heap-based buffer overflow in the GDB debugger module in Hex-Rays IDA Pro before 6.6 cumulative fix 2014-12-24 allows remote GDB servers to have unspecified impact via unknown vectors. | [email protected] | 10.0 | 0.54% | 2015-01-02 | 2026-05-06 |
| CVE-2011-1054 | Unspecified vulnerability in the PEF input file loader in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors. | [email protected] | 10.0 | 0.46% | 2011-02-21 | 2026-04-29 |
| CVE-2011-1053 | Unspecified vulnerability in the Mach-O input file loader in Hex-Rays IDA Pro 5.7 and 6.0 allows user-assisted remote attackers to cause a denial of service (out-of-memory exception and inability to analyze code) via a crafted Mach-O file. | [email protected] | 4.3 | 0.50% | 2011-02-21 | 2026-04-29 |
| CVE-2011-1052 | Integer overflow in the PSX/GEOS input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to memory allocation. | [email protected] | 10.0 | 0.54% | 2011-02-21 | 2026-04-29 |
| CVE-2011-1051 | Integer overflow in the COFF/EPOC/EXPLOAD input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to memory allocation. | [email protected] | 10.0 | 0.46% | 2011-02-21 | 2026-04-29 |
| CVE-2011-1050 | Unspecified vulnerability in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to "converson of string encodings" and "inconsistencies in the handling of UTF8 sequences by the user interface." | [email protected] | 10.0 | 0.52% | 2011-02-21 | 2026-04-29 |
| CVE-2011-1049 | Buffer overflow in the Mach-O input file loader in Hex-Rays IDA Pro 5.7 and 6.0 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Macho-O file. | [email protected] | 6.8 | 0.52% | 2011-02-21 | 2026-04-29 |