Vulnerabilities > Synology > Directory Server > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-01-21 CVE-2019-19344 Use After Free vulnerability in multiple products
There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.
network
low complexity
samba canonical synology opensuse CWE-416
6.5
2020-01-21 CVE-2019-14907 Out-of-bounds Read vulnerability in multiple products
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed.
6.5
2019-04-09 CVE-2019-3870 Incorrect Default Permissions vulnerability in multiple products
A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2.
local
low complexity
samba fedoraproject synology CWE-276
6.1