samba
249 tracked vulnerabilities.
CVE-2017-11103
HIGH
Heimdal < 7.4 - Remote Service Impersonation via Orpheus' Lyre Attack
Jul 13, 2017
CVSS 8.1
EPSS 0.05
CVE-2017-9461
MEDIUM
Samba < 4.4.10 and 4.5.x < 4.5.6 - Denial of Service via Dangling Symlink Handling
Jun 06, 2017
CVSS 6.5
EPSS 0.04
CVE-2017-7494
CRITICAL
KEV
Samba is_known_pipename() Arbitrary Module Load
May 30, 2017
CVSS 9.8
EPSS 0.99
CVE-2016-2124
MEDIUM
Samba 3.0.0-4.13.13 - Improper Authentication via SMB1 Plaintext Password Exposure
Feb 18, 2022
CVSS 5.9
EPSS 0.02
CVE-2016-2123
HIGH
Samba 4.0.0-4.5.2 - Authenticated Memory Corruption via LDAP dnsRecord Attribute
Nov 01, 2018
CVSS 8.8
EPSS 0.06
CVE-2016-2125
MEDIUM
Samba < 4.3.13 - Improper Authentication via Forwardable Kerberos Ticket Request
Oct 31, 2018
CVSS 6.5
EPSS 0.09
CVE-2016-2126
MEDIUM
Samba 4.0.0-4.5.2 - Authenticated Privilege Escalation via PAC Checksum Handling
May 11, 2017
CVSS 6.5
EPSS 0.07
CVE-2016-2119
HIGH
Samba 4.0.0-4.2.13 - Man-in-the-Middle Spoofing via SMB2 Session Flags
Jul 07, 2016
CVSS 7.5
EPSS 0.03
CVE-2016-2115
MEDIUM
Canonical Ubuntu Linux - Security Feature Bypass
Apr 25, 2016
CVSS 5.9
EPSS 0.10
CVE-2016-2114
MEDIUM
Samba 4.x < 4.2.11, 4.3.x < 4.3.8, 4.4.x < 4.4.2 - Man-in-the-Middle Attack via SMB1 Protocol
Apr 25, 2016
CVSS 5.9
EPSS 0.03
CVE-2016-2113
HIGH
Samba 4.x < 4.2.11, 4.3.x < 4.3.8, 4.4.x < 4.4.2 - Man-in-the-Middle via Unverified X.509 Certificates
Apr 25, 2016
CVSS 7.4
EPSS 0.03
CVE-2016-2112
MEDIUM
Samba 3.x-4.4.x - LDAP Protocol Downgrade via Missing SASL Wrapping Enforcement
Apr 25, 2016
CVSS 5.9
EPSS 0.09
CVE-2016-2111
MEDIUM
Samba 3.x-4.4.x - Remote Sensitive Session Information Disclosure via NETLOGON Computer Name Spoofing
Apr 25, 2016
CVSS 6.3
EPSS 0.03
CVE-2016-2110
MEDIUM
Samba 3.x-4.4.x - Man-in-the-Middle Protocol Downgrade via NTLMSSP Flag Manipulation
Apr 25, 2016
CVSS 5.9
EPSS 0.08
CVE-2016-2118
HIGH
Samba 3.6.0-4.2.9, 4.3.0-4.3.7, 4.4.0-4.4.1 - Man-in-the-Middle Protocol Downgrade via DCERPC Connection Tampering
Apr 12, 2016
CVSS 7.5
EPSS 0.37
CVE-2016-0771
MEDIUM
Samba 4.x < 4.1.23, 4.2.x < 4.2.9, 4.3.x < 4.3.6, 4.4.x < 4.4.0rc4 - Authenticated Denial of Service via DNS TXT Record
Mar 13, 2016
CVSS 5.9
EPSS 0.03
CVE-2015-5370
MEDIUM
Samba <4.2.11-4.4.2 - DoS/Privilege Escalation
Apr 25, 2016
CVSS 5.9
EPSS 0.19
CVE-2015-7560
MEDIUM
Samba <4.1.23, <4.2.9, <4.3.6, <4.4.0rc4 - Privilege Escalation
Mar 13, 2016
CVSS 6.5
EPSS 0.13
CVE-2015-8467
HIGH
Samba 4.x <4.1.22, 4.2.x <4.2.7, 4.3.x <4.3.3 - Privilege Escalation
Dec 29, 2015
CVSS 7.5
EPSS 0.03
CVE-2015-7540
HIGH
Samba 4.0.0-4.1.21 - Denial of Service via LDAP ASN.1 Memory Allocation
Dec 29, 2015
CVSS 7.5
EPSS 0.07
CVE-2015-5330
HIGH
Samba <4.1.22-4.3.3 - Info Disclosure
Dec 29, 2015
CVSS 7.5
EPSS 0.06
CVE-2015-5299
MEDIUM
Samba <4.1.22-4.3.3 - Info Disclosure
Dec 29, 2015
CVSS 5.3
EPSS 0.14
CVE-2015-5296
MEDIUM
Samba <4.1.22-4.3.3 - Info Disclosure
Dec 29, 2015
CVSS 5.4
EPSS 0.07
CVE-2015-5252
HIGH
Samba <4.1.22-4.3.3 - Privilege Escalation
Dec 29, 2015
CVSS 7.2
EPSS 0.13
CVE-2015-3223
MEDIUM
Samba 4.x < 4.1.22, 4.2.x < 4.2.7, 4.3.x < 4.3.3 - Denial of Service via Crafted LDAP Packets
Dec 29, 2015
CVSS 5.3
EPSS 0.07
Quick Filters