Vulnerabilities > Cesnet

DATE CVE VULNERABILITY TITLE RISK
2023-04-03 CVE-2023-26916 NULL Pointer Dereference vulnerability in multiple products
libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c.
network
low complexity
cesnet fedoraproject CWE-476
5.3
5.3
2023-01-07 CVE-2016-15014 Insufficiently Protected Credentials vulnerability in Cesnet Theme-Cesnet
A vulnerability has been found in CESNET theme-cesnet up to 1.x on ownCloud and classified as problematic.
local
low complexity
cesnet CWE-522
5.5
5.5
2021-05-20 CVE-2021-28902 Unchecked Return Value vulnerability in Cesnet Libyang
In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL.
network
low complexity
cesnet CWE-252
5.0
5.0
2021-05-20 CVE-2021-28903 Uncontrolled Recursion vulnerability in Cesnet Libyang
A stack overflow in libyang <= v1.0.225 can cause a denial of service through function lyxml_parse_mem().
network
low complexity
cesnet CWE-674
5.0
5.0
2021-05-20 CVE-2021-28904 Unchecked Return Value vulnerability in Cesnet Libyang
In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of revision is NULL.
network
low complexity
cesnet CWE-252
5.0
5.0
2021-05-20 CVE-2021-28905 Reachable Assertion vulnerability in Cesnet Libyang
In function lys_node_free() in libyang <= v1.0.225, it asserts that the value of node->module can't be NULL.
network
low complexity
cesnet CWE-617
5.0
5.0
2021-05-20 CVE-2021-28906 Unchecked Return Value vulnerability in Cesnet Libyang
In function read_yin_leaf() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL.
network
low complexity
cesnet CWE-252
5.0
5.0
2020-03-25 CVE-2020-5281 Incorrect Permission Assignment for Critical Resource vulnerability in Cesnet Perun
In Perun before version 3.9.1, VO or group manager can modify configuration of the LDAP extSource to retrieve all from Perun LDAP.
network
low complexity
cesnet CWE-732
5.0
5.0
2020-01-22 CVE-2019-20398 NULL Pointer Dereference vulnerability in Cesnet Libyang
A NULL pointer dereference is present in libyang before v1.0-r3 in the function lys_extension_instances_free() due to a copy of unresolved extensions in lys_restr_dup().
network
low complexity
cesnet CWE-476
6.5
6.5
2020-01-22 CVE-2019-20397 Double Free vulnerability in Cesnet Libyang
A double-free is present in libyang before v1.0-r1 in the function yyparse() when an organization field is not terminated.
network
low complexity
cesnet CWE-415
8.8
8.8