Vulnerabilities > Samba > Samba > 4.9.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-28 | CVE-2018-16857 | Improperly Implemented Security Check for Standard vulnerability in Samba 4.9.0/4.9.1/4.9.2 Samba from version 4.9.0 and before version 4.9.3 that have AD DC configurations watching for bad passwords (to restrict brute forcing of passwords) in a window of more than 3 minutes may not watch for bad passwords at all. | 4.3 |
| 2018-11-28 | CVE-2018-16853 | Resource Exhaustion vulnerability in Samba Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-default MIT Kerberos configuration. | 4.3 |
| 2018-11-28 | CVE-2018-16852 | NULL Pointer Dereference vulnerability in Samba 4.9.0/4.9.1/4.9.2 Samba from version 4.9.0 and before version 4.9.3 is vulnerable to a NULL pointer de-reference. | 3.5 |
| 2018-11-28 | CVE-2018-16851 | NULL Pointer Dereference vulnerability in multiple products Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. | 4.0 |
| 2018-11-28 | CVE-2018-16841 | Double Free vulnerability in multiple products Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. | 4.0 |
| 2018-11-28 | CVE-2018-14629 | Infinite Loop vulnerability in multiple products A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. | 4.0 |