2121 matches found
Denial Of Service (DoS)
libyang.so is vulnerable to denial of service DoS. The attacker can trigger a segmentation fault SIGSEGV signal by parsing a malformed pattern statement as lysparsepath...
CVE-2019-20391
An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolvefeaturevalue when an if-feature statement is used inside a bit. Applications that use libyang to parse untrusted input yang files may crash...
CVE-2019-20392
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolvefeaturevalue when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash...
CVE-2019-20396
A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lysparsepath parsing...
CVE-2019-20392
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolvefeaturevalue when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash...
Design/Logic Flaw
An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolvefeaturevalue when an if-feature statement is used inside a bit. Applications that use libyang to parse untrusted input yang files may crash...
CVE-2019-20392
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolvefeaturevalue when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash...
Design/Logic Flaw
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolvefeaturevalue when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash...
Double free
A double-free is present in libyang before v1.0-r3 in the function yyparse when a type statement in used in a notification statement. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution...
CVE-2019-20396
A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lysparsepath parsing...
UBUNTU-CVE-2019-20394
A double-free is present in libyang before v1.0-r3 in the function yyparse when a type statement in used in a notification statement. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution...
CVE-2019-20391
An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolvefeaturevalue when an if-feature statement is used inside a bit. Applications that use libyang to parse untrusted input yang files may crash...
PYSEC-2020-169
A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lysparsepath parsing...
CVE-2019-20392
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolvefeaturevalue when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash...
PT-2020-1238 · Libyang · Libyang
Name of the Vulnerable Software and Affected Versions: libyang versions prior to v1.0-r3 Description: A double-free issue is present in the yyparse function when a type statement is used in a notification statement. This affects applications that use libyang to parse untrusted input yang files,...
CVE-2019-20396
A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lysparsepath parsing...
CVE-2019-20394
A double-free is present in libyang before v1.0-r3 in the function yyparse when a type statement in used in a notification statement. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution...
SQLite report about CVE-2020-15358
Malicious SQL statement causes a read past the end of a heap buffer. details...
The vulnerability of the ABAP Debugger arises from deficiencies in the authentication process, allowing an attacker to execute the “Go to statement” without going through the authentication process.
The vulnerability of the ABAP Debugger is due to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to execute the “Go to statement” without going through the authentication process...
The Great $50M African IP Address Heist
A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions of dollars worth of the increasingly...