samba
249 tracked vulnerabilities.
CVE-2022-29154
HIGH
rsync < 3.2.5 - Arbitrary File Write via Insufficient File Name Validation
Aug 02, 2022
CVSS 7.4
EPSS 0.02
CVE-2022-29869
MEDIUM
cifs-utils <= 6.14 - Information Disclosure via Verbose Logging
Apr 28, 2022
CVSS 5.3
EPSS 0.02
CVE-2022-27239
HIGH
cifs-utils < 6.15 - Stack-based Buffer Overflow via mount.cifs ip Argument
Apr 27, 2022
CVSS 7.8
EPSS 0.01
CVE-2021-20251
MEDIUM
Samba 4.1.0-4.16.7 - Race Condition in Password Lockout Mechanism
Mar 06, 2023
CVSS 5.9
EPSS 0.01
CVE-2021-3670
MEDIUM
Samba 4.1.0-4.15.9 - Uncontrolled Resource Consumption via MaxQueryDuration LDAP Bypass
Aug 23, 2022
CVSS 6.5
EPSS 0.02
CVE-2021-20316
MEDIUM
Samba < 4.15.0 - Authenticated Race Condition in File/Directory Metadata Handling
Aug 23, 2022
CVSS 6.8
EPSS 0.01
CVE-2021-3738
HIGH
Samba 4.0.0-4.13.14 - Use-After-Free in DCE/RPC Association Groups
Mar 02, 2022
CVSS 8.8
EPSS 0.02
CVE-2021-23192
HIGH
Samba 4.10.0-4.13.13 - DCE/RPC Request Fragment Signature Bypass
Mar 02, 2022
CVSS 7.5
EPSS 0.02
CVE-2021-44141
MEDIUM
Samba < 4.15.5 - Unauthenticated Exposure of Sensitive Information via SMB1 Symlink
Feb 21, 2022
CVSS 4.3
EPSS 0.01
CVE-2021-44142
HIGH
Samba < 4.13.17 - Out-of-bounds Read and Write via Extended File Attributes
Feb 21, 2022
CVSS 8.8
EPSS 0.74
CVE-2021-43566
LOW
Samba <4.13.16 - Directory Traversal
Jan 11, 2022
CVSS 2.5
EPSS 0.00
CVE-2021-3671
MEDIUM
Samba < 4.13.12 - Authenticated Denial of Service via Missing sname in TGS-REQ
Oct 12, 2021
CVSS 6.5
EPSS 0.02
CVE-2021-20277
HIGH
Samba 4.0.0-4.12.12 - Denial of Service via LDAP Attribute with Leading Spaces
May 12, 2021
CVSS 7.5
EPSS 0.04
CVE-2021-20254
MEDIUM
Samba >=3.6.0 <4.12.15 - Out-of-bounds Read in Group Identity Mapping
May 05, 2021
CVSS 6.8
EPSS 0.02
CVE-2021-20208
MEDIUM
cifs-utils < 6.13 - Unauthenticated Kerberos Credential Exposure via Container Mount
Apr 19, 2021
CVSS 6.1
EPSS 0.01
CVE-2020-25721
HIGH
Samba 4.13.0-4.13.13 - Improper Input Validation in Kerberos Ticket Handling
Mar 16, 2022
CVSS 8.8
EPSS 0.02
CVE-2020-25722
HIGH
Samba >=4.0.0 <4.13.14 - Incorrect Authorization
Feb 18, 2022
CVSS 8.8
EPSS 0.02
CVE-2020-25719
HIGH
Samba 4.0.0-4.13.14 - Improper Authentication via Kerberos PAC Handling
Feb 18, 2022
CVSS 7.2
EPSS 0.02
CVE-2020-25718
HIGH
samba 4.0.0-4.13.13 - Missing Authorization for RODC Administrator Ticket Printing
Feb 18, 2022
CVSS 8.8
EPSS 0.02
CVE-2020-25717
HIGH
Samba 3.0.0-4.13.13 - Authenticated Privilege Escalation via Domain User Mapping
Feb 18, 2022
CVSS 8.1
EPSS 0.02
CVE-2020-14387
HIGH
rsync 3.2.0pre1-3.2.3 - Unauthenticated Man-in-the-Middle via Certificate Hostname Mismatch
May 27, 2021
CVSS 7.4
EPSS 0.01
CVE-2020-27840
HIGH
Samba >=4.0.0 <4.12.13 - Out-of-bounds Read via Domain Name String Parsing
May 12, 2021
CVSS 7.5
EPSS 0.04
CVE-2020-14318
MEDIUM
Samba 3.6.0-4.11.14 - Authenticated Improper Privilege Management
Dec 03, 2020
CVSS 4.3
EPSS 0.02
CVE-2020-14383
MEDIUM
Samba 4.0.0-4.11.14 - Authenticated Denial of Service via DNS RPC Server
Dec 02, 2020
CVSS 6.5
EPSS 0.02
CVE-2020-17049
MEDIUM
Windows Server 2012, 2016, 2019 and Samba 4.1.0-4.13.12 - Security Feature Bypass in Kerberos Constrained Delegation
Nov 11, 2020
CVSS 6.6
EPSS 0.14
Quick Filters