Filtered by vendor Cesnet
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-19334 | 3 Cesnet, Fedoraproject, Redhat | 3 Libyang, Fedora, Enterprise Linux | 2019-12-18 | 7.5 HIGH | 9.8 CRITICAL |
| In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution. | |||||
| CVE-2019-19333 | 2 Cesnet, Redhat | 2 Libyang, Enterprise Linux | 2019-12-18 | 7.5 HIGH | 9.8 CRITICAL |
| In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution. | |||||
| CVE-2019-15537 | 1 Cesnet | 1 Proxystatistics | 2019-08-28 | 7.5 HIGH | 9.8 CRITICAL |
| The proxystatistics module before 3.1.0 for SimpleSAMLphp allows SQL Injection in lib/Auth/Process/DatabaseCommand.php. | |||||