samba vulnerabilities and exploits

7.8
CVSSv2
CVE-2019-9506

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt...

5.5
CVSSv2
CVE-2018-16838

A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access....

2.7
CVSSv2
CVE-2019-3811

A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access...

6.8
CVSSv2
CVE-2014-8184

A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable() in liblouis. An attacker could create a malicious file that would cause applications that use liblouis (such as Orca) to crash, or potentially execute...

1.9
CVSSv2
CVE-2009-1215

Race condition in GNU screen 4.0.3 allows local users to create or overwrite arbitrary files via a symlink attack on the /tmp/screen-exchange temporary file....

GnuGnu Screen
NA
CVE-2019-8699

Apple iOS could allow a remote attacker to bypass security restrictions, caused by a logic issue in the Telephony component. An attacker could exploit this vulnerability to cause the recipient to answer a simultaneous Walkie-Talkie connection....

NA
CVE-2019-8659

Apple watchOS could allow a remote attacker to bypass security restrictions, caused by an error in the Messages component. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to alter state....

NA
CVE-2019-8682

Apple watchOS could allow a remote attacker to bypass security restrictions, caused by an error in the Wallet component. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to complete an in-app purchase while on the lock screen....

NA
CVE-2019-8665

Apple watchOS is vulnerable to a denial of service, caused by an error in the Messages component. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to cause the application to terminate....

NA
CVE-2019-8624

Apple watchOS could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read flaw in the Digital Touch component. By persuading a victim to open a specially-crafted content, an attacker could exploit this vulnerability to obtain sensitive...