Vulnerabilities > Samba > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-28 | CVE-2018-16852 | NULL Pointer Dereference vulnerability in Samba 4.9.0/4.9.1/4.9.2 Samba from version 4.9.0 and before version 4.9.3 is vulnerable to a NULL pointer de-reference. | 4.4 |
| 2018-11-28 | CVE-2018-16851 | NULL Pointer Dereference vulnerability in multiple products Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. | 6.5 |
| 2018-11-28 | CVE-2018-16841 | Double Free vulnerability in multiple products Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. | 6.5 |
| 2018-11-28 | CVE-2018-14629 | Infinite Loop vulnerability in multiple products A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. | 6.5 |
| 2018-10-31 | CVE-2016-2125 | Improper Input Validation vulnerability in multiple products It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. | 6.5 |
| 2018-08-22 | CVE-2018-10919 | Information Exposure vulnerability in multiple products The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. | 6.5 |
| 2018-08-22 | CVE-2018-10918 | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer. | 6.5 |
| 2018-08-22 | CVE-2018-1140 | Improper Input Validation vulnerability in Samba A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. | 6.5 |
| 2018-03-13 | CVE-2018-1050 | NULL Pointer Dereference vulnerability in multiple products All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. | 4.3 |
| 2017-06-06 | CVE-2017-9461 | Infinite Loop vulnerability in multiple products smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks. | 6.5 |