Vulnerabilities > Cesnet > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-03 | CVE-2023-26916 | NULL Pointer Dereference vulnerability in multiple products libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c. | 5.3 |
| 2023-01-07 | CVE-2016-15014 | Insufficiently Protected Credentials vulnerability in Cesnet Theme-Cesnet A vulnerability has been found in CESNET theme-cesnet up to 1.x on ownCloud and classified as problematic. | 5.5 |
| 2021-05-20 | CVE-2021-28902 | Unchecked Return Value vulnerability in Cesnet Libyang In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. | 5.0 |
| 2021-05-20 | CVE-2021-28903 | Uncontrolled Recursion vulnerability in Cesnet Libyang A stack overflow in libyang <= v1.0.225 can cause a denial of service through function lyxml_parse_mem(). | 5.0 |
| 2021-05-20 | CVE-2021-28904 | Unchecked Return Value vulnerability in Cesnet Libyang In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of revision is NULL. | 5.0 |
| 2021-05-20 | CVE-2021-28905 | Reachable Assertion vulnerability in Cesnet Libyang In function lys_node_free() in libyang <= v1.0.225, it asserts that the value of node->module can't be NULL. | 5.0 |
| 2021-05-20 | CVE-2021-28906 | Unchecked Return Value vulnerability in Cesnet Libyang In function read_yin_leaf() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. | 5.0 |
| 2020-03-25 | CVE-2020-5281 | Incorrect Permission Assignment for Critical Resource vulnerability in Cesnet Perun In Perun before version 3.9.1, VO or group manager can modify configuration of the LDAP extSource to retrieve all from Perun LDAP. | 5.0 |
| 2020-01-22 | CVE-2019-20398 | NULL Pointer Dereference vulnerability in Cesnet Libyang A NULL pointer dereference is present in libyang before v1.0-r3 in the function lys_extension_instances_free() due to a copy of unresolved extensions in lys_restr_dup(). | 6.5 |
| 2020-01-22 | CVE-2019-20396 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cesnet Libyang A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lys_parse_path parsing. | 6.5 |