samba

244 tracked vulnerabilities.

CVE-2018-16841 MEDIUM
Samba 4.3.0-4.7.11 - Denial of Service via Smart-Card Authentication Double Free
Nov 28, 2018
CVSS 6.5
EPSS 0.07
CVE-2018-14629 MEDIUM
Samba 4.0.0-4.7.11 - Denial of Service via LDAP CNAME Loop Recursion
Nov 28, 2018
CVSS 6.5
EPSS 0.09
CVE-2018-10919 MEDIUM
Canonical Ubuntu Linux < 4.6.16 - Information Disclosure
Aug 22, 2018
CVSS 4.3
EPSS 0.01
CVE-2018-10918 MEDIUM
Samba 4.7.0-4.7.8 - Authenticated Denial of Service via LDB Database Layer
Aug 22, 2018
CVSS 5.2
EPSS 0.04
CVE-2018-10858 MEDIUM
Debian Linux < 4.6.16 - Memory Corruption
Aug 22, 2018
CVSS 4.3
EPSS 0.06
CVE-2018-1140 MEDIUM
Samba 4.8.0-4.8.3 - Denial of Service via LDAP Input Sanitization Flaw
Aug 22, 2018
CVSS 6.5
EPSS 0.15
CVE-2018-1139 HIGH
Samba <4.7.9, 4.8.4 - Info Disclosure
Aug 22, 2018
CVSS 8.1
EPSS 0.02
CVE-2018-1057 HIGH
Canonical Ubuntu Linux < 4.5.16 - Incorrect Authorization
Mar 13, 2018
CVSS 8.8
EPSS 0.08
CVE-2018-1050 MEDIUM
Canonical Ubuntu Linux < 4.5.16 - NULL Pointer Dereference
Mar 13, 2018
CVSS 4.3
EPSS 0.20
CVE-2018-5764 HIGH
rsync < 3.1.3 - Argument Sanitization Bypass via Multiple --protect-args Uses
Jan 17, 2018
CVSS 7.5
EPSS 0.10
CVE-2017-12151 HIGH
Samba <4.4.16-4.6.8 - Info Disclosure
Jul 27, 2018
CVSS 7.4
EPSS 0.04
CVE-2017-12150 HIGH
samba <4.4.16-4.6.8 - Info Disclosure
Jul 26, 2018
CVSS 7.4
EPSS 0.21
CVE-2017-12163 MEDIUM
Samba <4.4.16-4.6.8 - Info Disclosure
Jul 26, 2018
CVSS 4.1
EPSS 0.41
CVE-2017-2619 HIGH
Samba < 4.4.12 - Symlink Race Condition
Mar 12, 2018
CVSS 7.5
EPSS 0.47
CVE-2017-17434 CRITICAL
rsync 3.1.2,3.1.3-dev - Info Disclosure
Dec 06, 2017
CVSS 9.8
EPSS 0.01
CVE-2017-17433 LOW
Debian Linux - Missing Authorization
Dec 06, 2017
CVSS 3.7
EPSS 0.02
CVE-2017-15275 HIGH
Samba 3.6.0-4.5.14 - Information Disclosure via Heap Memory Exposure
Nov 27, 2017
CVSS 7.5
EPSS 0.43
CVE-2017-14746 CRITICAL
Samba 4.0.0-4.5.0 - Remote Code Execution via SMB1 Request
Nov 27, 2017
CVSS 9.8
EPSS 0.31
CVE-2017-16548 CRITICAL
rsync 2.6.9-3.1.2 - Out-of-bounds Read in receive_xattr
Nov 06, 2017
CVSS 9.8
EPSS 0.03
CVE-2017-15994 CRITICAL
rsync 3.1.3-development - Info Disclosure
Oct 29, 2017
CVSS 9.8
EPSS 0.00
CVE-2017-11103 HIGH
Heimdal < 7.4 - Remote Service Impersonation via Orpheus' Lyre Attack
Jul 13, 2017
CVSS 8.1
EPSS 0.05
CVE-2017-9461 MEDIUM
Samba < 4.4.10 and 4.5.x < 4.5.6 - Denial of Service via Dangling Symlink Handling
Jun 06, 2017
CVSS 6.5
EPSS 0.03
CVE-2017-7494 CRITICAL KEV
Samba is_known_pipename() Arbitrary Module Load
May 30, 2017
CVSS 9.8
EPSS 0.94
CVE-2016-2124 MEDIUM
Samba 3.0.0-4.13.13 - Improper Authentication via SMB1 Plaintext Password Exposure
Feb 18, 2022
CVSS 5.9
EPSS 0.01
CVE-2016-2123 HIGH
Samba 4.0.0-4.5.2 - Authenticated Memory Corruption via LDAP dnsRecord Attribute
Nov 01, 2018
CVSS 8.8
EPSS 0.01
Products
samba 210 rsync 24 cifs-utils 4 ppp 3 jitterbug 1 samba_server 1 volume_service 1
Quick Filters
Critical CVEs With Exploits In CISA KEV