Vulnerabilities > Samba > Samba > 4.3.11

DATE CVE VULNERABILITY TITLE RISK
2019-03-06 CVE-2019-3824 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10.
network
low complexity
samba canonical debian CWE-125
4.0
4.0
2018-11-28 CVE-2018-16851 NULL Pointer Dereference vulnerability in multiple products
Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service.
network
low complexity
samba canonical debian CWE-476
4.0
4.0
2018-11-28 CVE-2018-16841 Double Free vulnerability in multiple products
Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service.
network
low complexity
samba canonical debian CWE-415
4.0
4.0
2018-11-28 CVE-2018-14629 Infinite Loop vulnerability in multiple products
A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3.
network
low complexity
samba canonical debian CWE-835
4.0
4.0
2018-11-01 CVE-2016-2123 Heap-based Buffer Overflow vulnerability in Samba
A flaw was found in samba versions 4.0.0 to 4.5.2.
network
low complexity
samba CWE-122
8.8
8.8
2018-10-31 CVE-2016-2125 Improper Input Validation vulnerability in multiple products
It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication.
low complexity
samba redhat CWE-20
6.5
6.5
2018-08-22 CVE-2018-10919 Information Exposure vulnerability in multiple products
The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks.
network
low complexity
canonical debian samba CWE-200
4.0
4.0
2018-08-22 CVE-2018-10858 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing.
network
low complexity
debian canonical samba redhat CWE-119
6.5
6.5
2018-07-27 CVE-2017-12151 Cryptographic Issues vulnerability in multiple products
A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. 		5.8
5.8
2018-07-26 CVE-2017-12150 It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled.
network
samba redhat debian
5.8
5.8