Vulnerabilities > Cesnet > High

DATE CVE VULNERABILITY TITLE RISK
2023-04-11 CVE-2023-26917 NULL Pointer Dereference vulnerability in Cesnet Libyang
libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c.
network
low complexity
cesnet CWE-476
7.5
7.5
2021-05-20 CVE-2021-28902 Unchecked Return Value vulnerability in Cesnet Libyang
In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL.
network
low complexity
cesnet CWE-252
7.5
7.5
2021-05-20 CVE-2021-28903 Uncontrolled Recursion vulnerability in Cesnet Libyang
A stack overflow in libyang <= v1.0.225 can cause a denial of service through function lyxml_parse_mem().
network
low complexity
cesnet CWE-674
7.5
7.5
2021-05-20 CVE-2021-28904 Unchecked Return Value vulnerability in Cesnet Libyang
In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of revision is NULL.
network
low complexity
cesnet CWE-252
7.5
7.5
2021-05-20 CVE-2021-28905 Reachable Assertion vulnerability in Cesnet Libyang
In function lys_node_free() in libyang <= v1.0.225, it asserts that the value of node->module can't be NULL.
network
low complexity
cesnet CWE-617
7.5
7.5
2021-05-20 CVE-2021-28906 Unchecked Return Value vulnerability in Cesnet Libyang
In function read_yin_leaf() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL.
network
low complexity
cesnet CWE-252
7.5
7.5
2020-03-25 CVE-2020-5281 Incorrect Permission Assignment for Critical Resource vulnerability in Cesnet Perun
In Perun before version 3.9.1, VO or group manager can modify configuration of the LDAP extSource to retrieve all from Perun LDAP.
network
low complexity
cesnet CWE-732
7.5
7.5
2020-01-22 CVE-2019-20397 Double Free vulnerability in Cesnet Libyang
A double-free is present in libyang before v1.0-r1 in the function yyparse() when an organization field is not terminated.
network
low complexity
cesnet CWE-415
8.8
8.8
2020-01-22 CVE-2019-20394 Double Free vulnerability in Cesnet Libyang
A double-free is present in libyang before v1.0-r3 in the function yyparse() when a type statement in used in a notification statement.
network
low complexity
cesnet CWE-415
8.8
8.8
2020-01-22 CVE-2019-20393 Double Free vulnerability in Cesnet Libyang
A double-free is present in libyang before v1.0-r1 in the function yyparse() when an empty description is used.
network
low complexity
cesnet CWE-415
8.8
8.8