Vulnerabilities > Samba

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-06	CVE-2019-10218	Path Traversal vulnerability in multiple products A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. network low complexity samba fedoraproject CWE-22	6.5
2019-09-03	CVE-2019-10197	Path Traversal vulnerability in multiple products A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. network low complexity samba debian canonical CWE-22 critical	9.1
2019-08-05	CVE-2019-3800	Information Exposure vulnerability in multiple products CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. local low complexity pivotal apigee newrelic microsoft appdynamics bluemedora contrastsecurity cyberark datadoghq datastax dynatrace forgerock google ibm pagerduty riverbed signalsciences wavefront tibco solace snyk samba splunk sumologic synopsys yugabyte anynines CWE-200	7.8
2019-07-31	CVE-2018-16860	Improperly Implemented Security Check for Standard vulnerability in multiple products A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. network high complexity samba heimdal-project CWE-358	7.5
2019-06-19	CVE-2019-12436	NULL Pointer Dereference vulnerability in multiple products Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD DC LDAP server Denial of Service. network low complexity samba canonical CWE-476	6.5
2019-06-19	CVE-2019-12435	NULL Pointer Dereference vulnerability in Samba Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer dereference, leading to Denial of Service. network low complexity samba CWE-476	6.5
2019-04-09	CVE-2019-3880	Path Traversal vulnerability in multiple products A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. network low complexity samba debian redhat fedoraproject opensuse CWE-22	5.4
2019-04-09	CVE-2019-3870	Incorrect Default Permissions vulnerability in multiple products A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. local low complexity samba fedoraproject synology CWE-276	6.1
2019-03-06	CVE-2019-3824	Out-of-bounds Read vulnerability in multiple products A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. network low complexity samba debian canonical CWE-125	6.5
2018-11-28	CVE-2018-16857	Improperly Implemented Security Check for Standard vulnerability in Samba 4.9.0/4.9.1/4.9.2 Samba from version 4.9.0 and before version 4.9.3 that have AD DC configurations watching for bad passwords (to restrict brute forcing of passwords) in a window of more than 3 minutes may not watch for bad passwords at all. network high complexity samba CWE-358	5.9

Vulnerabilities > Samba {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Samba"}]}

Vulnerabilities > Samba