Vulnerabilities > Samba > Samba > 4.0.15

DATE CVE VULNERABILITY TITLE RISK
2019-11-06 CVE-2019-14847 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10.
network
low complexity
samba opensuse fedoraproject CWE-476
4.9
4.9
2019-11-06 CVE-2019-10218 Path Traversal vulnerability in multiple products
A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators.
network
low complexity
samba fedoraproject CWE-22
6.5
6.5
2019-04-09 CVE-2019-3880 Path Traversal vulnerability in multiple products
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API.
network
low complexity
samba debian redhat fedoraproject opensuse CWE-22
5.4
5.4
2019-03-06 CVE-2019-3824 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10.
network
low complexity
samba canonical debian CWE-125
4.0
4.0
2018-11-28 CVE-2018-16851 NULL Pointer Dereference vulnerability in multiple products
Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service.
network
low complexity
samba canonical debian CWE-476
4.0
4.0
2018-11-28 CVE-2018-14629 Infinite Loop vulnerability in multiple products
A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3.
network
low complexity
samba canonical debian CWE-835
4.0
4.0
2018-11-01 CVE-2016-2123 Heap-based Buffer Overflow vulnerability in Samba
A flaw was found in samba versions 4.0.0 to 4.5.2.
network
low complexity
samba CWE-122
8.8
8.8
2018-10-31 CVE-2016-2125 Improper Input Validation vulnerability in multiple products
It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication.
low complexity
samba redhat CWE-20
6.5
6.5
2018-08-22 CVE-2018-10919 Information Exposure vulnerability in multiple products
The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks.
network
low complexity
canonical debian samba CWE-200
4.0
4.0
2018-08-22 CVE-2018-10858 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing.
network
low complexity
debian canonical samba redhat CWE-119
6.5
6.5