samba

244 tracked vulnerabilities.

CVE-2023-0614 MEDIUM
Samba 4.0.0-4.16.9 - Exposure of Sensitive Information via LDAP Filter Bypass
Apr 03, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-0225 MEDIUM
Samba >=4.17.0 <4.17.7 - Authenticated Incorrect Permission Assignment for Critical Resource
Apr 03, 2023
CVSS 4.3
EPSS 0.00
CVE-2022-2127 MEDIUM
Samba 4.16.0-4.16.9 - Out-of-bounds Read in Winbind NTLM Authentication
Jul 20, 2023
CVSS 5.9
EPSS 0.01
CVE-2022-45141 CRITICAL
Samba < 4.15.13 - Inadequate Encryption Strength in Kerberos Ticket Issuance
Mar 06, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-3592 MEDIUM
Samba 4.17.0-4.17.1 - Symbolic Link Following via SMB1 Unix Extensions or NFS
Jan 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-3437 MEDIUM
Samba 4.0.0-4.15.10 - Heap-based Buffer Overflow in GSSAPI DES/3DES Decryption
Jan 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-42898 HIGH
MIT Kerberos 5 < 1.19.4/1.20.x < 1.20.1 - RCE & DoS via PAC Parsing Integer Overflow
Dec 25, 2022
CVSS 8.8
EPSS 0.08
CVE-2022-44640 CRITICAL
Heimdal < 7.7.1 - Remote Code Execution via ASN.1 Codec Double Free
Dec 25, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-4603 MEDIUM
ppp < 2.5.0 - Improper Validation of Array Index in pppdump dumpppp Function
Dec 18, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-38023 HIGH
Netlogon RPC - Privilege Escalation
Nov 09, 2022
CVSS 8.1
EPSS 0.00
CVE-2022-37967 HIGH
Windows Kerberos - Privilege Escalation
Nov 09, 2022
CVSS 7.2
EPSS 0.03
CVE-2022-37966 HIGH
Windows Kerberos RC4-HMAC - Privilege Escalation
Nov 09, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-32743 HIGH
Samba 4.1.0-4.16.9 - Unauthenticated Incorrect Default Permissions via dNSHostName Attribute
Sep 01, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-1615 MEDIUM
Samba 4.1.0-4.16.9 - Use of Insufficiently Random Values via GnuTLS gnutls_rnd()
Sep 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-0336 HIGH
Samba 4.0.0-4.13.17 - Denial of Service and Service Impersonation via SPN Re-addition
Aug 29, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-32746 MEDIUM
Samba 4.3.0-4.14.13 - Use-After-Free in AD DC Database Audit Logging Module
Aug 25, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-32745 HIGH
Samba 4.13.14-4.14.14 - Out-of-bounds Read via LDAP Add or Modify Request
Aug 25, 2022
CVSS 8.1
EPSS 0.00
CVE-2022-32744 HIGH
Samba 4.3.0-4.14.13 - Authentication Bypass via Kpasswd Request Spoofing
Aug 25, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-32742 MEDIUM
Samba < 4.14.14 - Exposure of Sensitive Information via SMB1 Write Request
Aug 25, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-2031 HIGH
Samba < 4.14.14 - Authentication Bypass via Shared KDC and kpasswd Keys
Aug 25, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-29154 HIGH
rsync < 3.2.5 - Arbitrary File Write via Insufficient File Name Validation
Aug 02, 2022
CVSS 7.4
EPSS 0.01
CVE-2022-29869 MEDIUM
cifs-utils <= 6.14 - Information Disclosure via Verbose Logging
Apr 28, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-27239 HIGH
cifs-utils < 6.15 - Stack-based Buffer Overflow via mount.cifs ip Argument
Apr 27, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-20251 MEDIUM
Samba 4.1.0-4.16.7 - Race Condition in Password Lockout Mechanism
Mar 06, 2023
CVSS 5.9
EPSS 0.00
CVE-2021-3670 MEDIUM
Samba 4.1.0-4.15.9 - Uncontrolled Resource Consumption via MaxQueryDuration LDAP Bypass
Aug 23, 2022
CVSS 6.5
EPSS 0.03