High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-22	CVE-2018-10858	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. network low complexity debian canonical samba redhat CWE-119	8.8
2018-08-22	CVE-2018-1139	Insufficiently Protected Credentials vulnerability in multiple products A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. network high complexity samba redhat canonical CWE-522	8.1
2018-07-27	CVE-2017-12151	Cryptographic Issues vulnerability in multiple products A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. network high complexity samba redhat debian hp CWE-310	7.4
2018-07-26	CVE-2017-12150	It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. network high complexity samba redhat debian	7.4
2018-07-26	CVE-2017-12163	Information Exposure vulnerability in multiple products An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. low complexity samba redhat debian CWE-200	7.1
2018-03-13	CVE-2018-1057	Incorrect Authorization vulnerability in multiple products On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (eg Domain Controllers). network low complexity debian canonical samba CWE-863	8.8
2018-03-12	CVE-2017-2619	Link Following vulnerability in multiple products Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition. network high complexity samba redhat debian CWE-59	7.5
2018-01-17	CVE-2018-5764	The parse_arguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass an argument-sanitization protection mechanism. network low complexity samba debian canonical	7.5
2017-11-27	CVE-2017-15275	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory. network low complexity samba redhat debian canonical CWE-119	7.5
2017-07-13	CVE-2017-11103	Insufficient Verification of Data Authenticity vulnerability in multiple products Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. network high complexity heimdal-project freebsd samba apple debian CWE-345	8.1