195 matches found
EUVD-2019-8955
Malware in sbrugna...
EUVD-2019-10948
Malware in sbrugna...
EUVD-2020-24678
Malware in sbrugna...
EUVD-2019-10945
Malware in sbrugna...
EUVD-2019-8954
Malware in sbrugna...
EUVD-2023-51940
Malicious code in bioql PyPI...
EUVD-2023-51939
Malicious code in bioql PyPI...
USN-7752-1 libyang2 vulnerabilities
It was discovered that libyang incorrectly handled certain memory operations when parsing YANG strings. An attacker could possibly use this issue to cause libyang to crash, resulting in a denial of service...
USN-7752-1: libyang vulnerabilities
It was discovered that libyang incorrectly handled certain memory operations when parsing YANG strings. An attacker could possibly use this issue to cause libyang to crash, resulting in a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2019-20392
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolvefeaturevalue when an if-feature statement is used inside a list key...
Linux Distros Unpatched Vulnerability : CVE-2019-20398
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference is present in libyang before v1.0-r3 in the function lysextensioninstancesfree due to a copy of unresolved extensions in lysrestrdup...
crud 安全漏洞
crud is a minimalist backend management system by the individual developer Yang Youwang yangyouwang,in China. A security vulnerability exists in yangyouwang crud version 1.0.0, which stems from the role management feature being vulnerable to cross-site scripting attacks...
CVE-2023-47844
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lim Kai Yang Grab & Save allows Reflected XSS.This issue affects Grab & Save: from n/a through 1.0.4...
CVE-2024-53173
In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfsreleaseseqid in...
GHSA-3WFJ-3X8Q-HRPG Kubean vulnerable to cluster-level privilege escalation
Impact This ClusterRole has verbs of resources. If a malicious user can access the worker node which has kubean's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster, resulting in a cluster-level privilege escalation. Patches =v0.18.0 Referenc...
The vulnerability of the yyparse() function in the syntax analyzer and tools for the YANG modeling language Libyang allows a perpetrator to execute arbitrary code or cause service failures.
The vulnerability of the yyparse function in the syntax analyzer and modeling tool of the YANG Libyang language is related to a memory reclamation error. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause service failures remotely...
CVE-2023-47845
Cross-Site Request Forgery CSRF vulnerability in Lim Kai Yang Grab & Save.This issue affects Grab & Save: from n/a through 1.0.4...
Vulnerability of the lys_parse_mem function The syntax analyzer and modeling tool for the YANG libyang language allow attackers to trigger a service failure.
The vulnerability of the lysparsemem function, a syntax analyzer and tool for data modeling language YANG libyang, is related to the use of NULL pointers. Exploiting this vulnerability could allow an attacker to cause service failures during the verification of whether the value of mod-revision i...
ROS-20240521-04
Vulnerability of the lysparsemem function parser and data modeling language toolkit for YANG libyang is related to the lack of a check if the value mod-revision is NULL. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
Ubuntu: Security Advisory (USN-6766-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...