Vulnerabilities > Samba > Samba > 4.8.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-06 | CVE-2019-14833 | Weak Password Requirements vulnerability in multiple products A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. | 5.4 |
| 2019-11-06 | CVE-2019-10218 | Path Traversal vulnerability in multiple products A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. | 6.5 |
| 2019-07-31 | CVE-2018-16860 | Improperly Implemented Security Check for Standard vulnerability in multiple products A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. | 6.0 |
| 2019-04-09 | CVE-2019-3880 | Path Traversal vulnerability in multiple products A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. | 5.4 |
| 2019-03-06 | CVE-2019-3824 | Out-of-bounds Read vulnerability in multiple products A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. | 4.0 |
| 2018-11-28 | CVE-2018-16853 | Resource Exhaustion vulnerability in Samba Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-default MIT Kerberos configuration. | 4.3 |
| 2018-11-28 | CVE-2018-16851 | NULL Pointer Dereference vulnerability in multiple products Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. | 4.0 |
| 2018-11-28 | CVE-2018-16841 | Double Free vulnerability in multiple products Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. | 4.0 |
| 2018-11-28 | CVE-2018-14629 | Infinite Loop vulnerability in multiple products A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. | 4.0 |