samba
249 tracked vulnerabilities.
CVE-2023-3347
MEDIUM
Samba 4.17.0-4.17.9 - Improper Enforcement of Message Integrity in SMB2 Packet Signing
Jul 20, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-34968
MEDIUM
Samba < 4.16.11 - Path Disclosure via Spotlight Protocol
Jul 20, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-34967
MEDIUM
Samba < 4.16.11 - Denial of Service via mdssvc RPC Spotlight Type Confusion
Jul 20, 2023
CVSS 5.3
EPSS 0.63
CVE-2023-34966
HIGH
Samba < 4.16.11 - Denial of Service via Spotlight mdssvc RPC Packet Parsing
Jul 20, 2023
CVSS 7.5
EPSS 0.62
CVE-2023-0922
MEDIUM
Samba >=4.0.0 <4.16.10 - Cleartext Transmission of Sensitive Information via LDAP Password Operations
Apr 03, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-0614
MEDIUM
Samba 4.0.0-4.16.9 - Exposure of Sensitive Information via LDAP Filter Bypass
Apr 03, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-0225
MEDIUM
Samba >=4.17.0 <4.17.7 - Authenticated Incorrect Permission Assignment for Critical Resource
Apr 03, 2023
CVSS 4.3
EPSS 0.01
CVE-2022-2127
MEDIUM
Samba 4.16.0-4.16.9 - Out-of-bounds Read in Winbind NTLM Authentication
Jul 20, 2023
CVSS 5.9
EPSS 0.02
CVE-2022-45141
CRITICAL
Samba < 4.15.13 - Inadequate Encryption Strength in Kerberos Ticket Issuance
Mar 06, 2023
CVSS 9.8
EPSS 0.00
CVE-2022-3592
MEDIUM
Samba 4.17.0-4.17.1 - Symbolic Link Following via SMB1 Unix Extensions or NFS
Jan 12, 2023
CVSS 6.5
EPSS 0.02
CVE-2022-3437
MEDIUM
Samba 4.0.0-4.15.10 - Heap-based Buffer Overflow in GSSAPI DES/3DES Decryption
Jan 12, 2023
CVSS 6.5
EPSS 0.04
CVE-2022-42898
HIGH
MIT Kerberos 5 < 1.19.4/1.20.x < 1.20.1 - RCE & DoS via PAC Parsing Integer Overflow
Dec 25, 2022
CVSS 8.8
EPSS 0.06
CVE-2022-44640
CRITICAL
Heimdal < 7.7.1 - Remote Code Execution via ASN.1 Codec Double Free
Dec 25, 2022
CVSS 9.8
EPSS 0.02
CVE-2022-4603
MEDIUM
ppp < 2.5.0 - Improper Validation of Array Index in pppdump dumpppp Function
Dec 18, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-38023
HIGH
Netlogon RPC - Privilege Escalation
Nov 09, 2022
CVSS 8.1
EPSS 0.02
CVE-2022-37967
HIGH
Windows Kerberos - Privilege Escalation
Nov 09, 2022
CVSS 7.2
EPSS 0.04
CVE-2022-37966
HIGH
Windows Kerberos <RC4-HMAC - Privilege Escalation
Nov 09, 2022
CVSS 8.1
EPSS 0.03
CVE-2022-32743
HIGH
Samba 4.1.0-4.16.9 - Unauthenticated Incorrect Default Permissions via dNSHostName Attribute
Sep 01, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-1615
MEDIUM
Samba 4.1.0-4.16.9 - Use of Insufficiently Random Values via GnuTLS gnutls_rnd()
Sep 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-0336
HIGH
Samba 4.0.0-4.13.17 - Denial of Service and Service Impersonation via SPN Re-addition
Aug 29, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-32746
MEDIUM
Samba 4.3.0-4.14.13 - Use-After-Free in AD DC Database Audit Logging Module
Aug 25, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-32745
HIGH
Samba 4.13.14-4.14.14 - Out-of-bounds Read via LDAP Add or Modify Request
Aug 25, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-32744
HIGH
Samba 4.3.0-4.14.13 - Authentication Bypass via Kpasswd Request Spoofing
Aug 25, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-32742
MEDIUM
Samba < 4.14.14 - Exposure of Sensitive Information via SMB1 Write Request
Aug 25, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-2031
HIGH
Samba < 4.14.14 - Authentication Bypass via Shared KDC and kpasswd Keys
Aug 25, 2022
CVSS 8.8
EPSS 0.01
Quick Filters