Vulnerabilities > Samba > Samba > 4.5.9
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-06 | CVE-2019-14833 | Weak Password Requirements vulnerability in multiple products A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. | 5.4 |
2019-11-06 | CVE-2019-10218 | Path Traversal vulnerability in multiple products A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. | 6.5 |
2019-04-09 | CVE-2019-3880 | Path Traversal vulnerability in multiple products A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. | 5.4 |
2019-03-06 | CVE-2019-3824 | Out-of-bounds Read vulnerability in multiple products A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. | 4.0 |
2018-11-28 | CVE-2018-16851 | NULL Pointer Dereference vulnerability in multiple products Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. | 4.0 |
2018-11-28 | CVE-2018-16841 | Double Free vulnerability in multiple products Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. | 4.0 |
2018-11-28 | CVE-2018-14629 | Infinite Loop vulnerability in multiple products A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. | 4.0 |
2018-08-22 | CVE-2018-10919 | Information Exposure vulnerability in multiple products The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. | 4.0 |
2018-08-22 | CVE-2018-10858 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. | 6.5 |
2018-07-27 | CVE-2017-12151 | Cryptographic Issues vulnerability in multiple products A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. | 5.8 |