Vulnerabilities > Samba > Samba > 4.6.1

DATE CVE VULNERABILITY TITLE RISK
2019-04-09 CVE-2019-3880 Path Traversal vulnerability in multiple products
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API.
network
low complexity
samba debian redhat fedoraproject opensuse CWE-22
5.4
5.4
2019-03-06 CVE-2019-3824 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10.
network
low complexity
samba debian canonical CWE-125
6.5
6.5
2018-11-28 CVE-2018-16851 NULL Pointer Dereference vulnerability in multiple products
Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service.
network
low complexity
samba canonical debian CWE-476
6.5
6.5
2018-11-28 CVE-2018-16841 Double Free vulnerability in multiple products
Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service.
network
low complexity
samba canonical debian CWE-415
6.5
6.5
2018-11-28 CVE-2018-14629 Infinite Loop vulnerability in multiple products
A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3.
network
low complexity
samba canonical debian CWE-835
6.5
6.5
2018-08-22 CVE-2018-10919 Information Exposure vulnerability in multiple products
The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks.
network
low complexity
canonical debian samba CWE-200
6.5
6.5
2018-08-22 CVE-2018-10858 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing.
network
low complexity
debian canonical samba redhat CWE-119
8.8
8.8
2018-07-27 CVE-2017-12151 Cryptographic Issues vulnerability in multiple products
A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3.
network
high complexity
samba redhat debian hp CWE-310
7.4
7.4
2018-07-26 CVE-2017-12150 It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled.
network
high complexity
samba redhat debian
7.4
7.4
2018-07-26 CVE-2017-12163 An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8.
low complexity
samba redhat debian
7.1
7.1