samba

244 tracked vulnerabilities.

CVE-2016-2125 MEDIUM
Samba < 4.3.13 - Improper Authentication via Forwardable Kerberos Ticket Request
Oct 31, 2018
CVSS 6.5
EPSS 0.11
CVE-2016-2126 MEDIUM
Samba 4.0.0-4.5.2 - Authenticated Privilege Escalation via PAC Checksum Handling
May 11, 2017
CVSS 6.5
EPSS 0.05
CVE-2016-2119 HIGH
Samba 4.0.0-4.2.13 - Man-in-the-Middle Spoofing via SMB2 Session Flags
Jul 07, 2016
CVSS 7.5
EPSS 0.01
CVE-2016-2115 MEDIUM
Canonical Ubuntu Linux - Security Feature Bypass
Apr 25, 2016
CVSS 5.9
EPSS 0.23
CVE-2016-2114 MEDIUM
Samba 4.x < 4.2.11, 4.3.x < 4.3.8, 4.4.x < 4.4.2 - Man-in-the-Middle Attack via SMB1 Protocol
Apr 25, 2016
CVSS 5.9
EPSS 0.06
CVE-2016-2113 HIGH
Samba 4.x < 4.2.11, 4.3.x < 4.3.8, 4.4.x < 4.4.2 - Man-in-the-Middle via Unverified X.509 Certificates
Apr 25, 2016
CVSS 7.4
EPSS 0.04
CVE-2016-2112 MEDIUM
Samba 3.x-4.4.x - LDAP Protocol Downgrade via Missing SASL Wrapping Enforcement
Apr 25, 2016
CVSS 5.9
EPSS 0.17
CVE-2016-2111 MEDIUM
Samba 3.x-4.4.x - Remote Sensitive Session Information Disclosure via NETLOGON Computer Name Spoofing
Apr 25, 2016
CVSS 6.3
EPSS 0.03
CVE-2016-2110 MEDIUM
Samba 3.x-4.4.x - Man-in-the-Middle Protocol Downgrade via NTLMSSP Flag Manipulation
Apr 25, 2016
CVSS 5.9
EPSS 0.18
CVE-2016-2118 HIGH
Samba 3.6.0-4.2.9, 4.3.0-4.3.7, 4.4.0-4.4.1 - Man-in-the-Middle Protocol Downgrade via DCERPC Connection Tampering
Apr 12, 2016
CVSS 7.5
EPSS 0.79
CVE-2016-0771 MEDIUM
Samba 4.x < 4.1.23, 4.2.x < 4.2.9, 4.3.x < 4.3.6, 4.4.x < 4.4.0rc4 - Authenticated Denial of Service via DNS TXT Record
Mar 13, 2016
CVSS 5.9
EPSS 0.06
CVE-2015-5370 MEDIUM
Samba <4.2.11-4.4.2 - DoS/Privilege Escalation
Apr 25, 2016
CVSS 5.9
EPSS 0.21
CVE-2015-7560 MEDIUM
Samba <4.1.23, <4.2.9, <4.3.6, <4.4.0rc4 - Privilege Escalation
Mar 13, 2016
CVSS 6.5
EPSS 0.04
CVE-2015-8467 HIGH
Samba 4.x <4.1.22, 4.2.x <4.2.7, 4.3.x <4.3.3 - Privilege Escalation
Dec 29, 2015
CVSS 7.5
EPSS 0.02
CVE-2015-7540 HIGH
Samba 4.0.0-4.1.21 - Denial of Service via LDAP ASN.1 Memory Allocation
Dec 29, 2015
CVSS 7.5
EPSS 0.40
CVE-2015-5330 HIGH
Samba <4.1.22-4.3.3 - Info Disclosure
Dec 29, 2015
CVSS 7.5
EPSS 0.02
CVE-2015-5299 MEDIUM
Samba <4.1.22-4.3.3 - Info Disclosure
Dec 29, 2015
CVSS 5.3
EPSS 0.09
CVE-2015-5296 MEDIUM
Samba <4.1.22-4.3.3 - Info Disclosure
Dec 29, 2015
CVSS 5.4
EPSS 0.04
CVE-2015-5252 HIGH
Samba <4.1.22-4.3.3 - Privilege Escalation
Dec 29, 2015
CVSS 7.2
EPSS 0.17
CVE-2015-3223 MEDIUM
Samba 4.x < 4.1.22, 4.2.x < 4.2.7, 4.3.x < 4.3.3 - Denial of Service via Crafted LDAP Packets
Dec 29, 2015
CVSS 5.3
EPSS 0.20
CVE-2015-0240
Samba _netr_ServerPasswordSet Uninitialized Credential State
Feb 24, 2015
EPSS 0.91
CVE-2014-9512
rsync 3.1.1 - Arbitrary File Write via Symlink Attack
Feb 12, 2015
EPSS 0.09
CVE-2014-8143
Samba 4.0.x < 4.0.24, 4.1.x < 4.1.16, 4.2.x < 4.2rc4 - Privilege Escalation via LDB Manipulation
Jan 17, 2015
EPSS 0.05
CVE-2014-3560
Canonical Ubuntu Linux - Code Injection
Aug 06, 2014
EPSS 0.72
CVE-2014-3493
Samba 3.6.x-4.1.x - Authenticated Denial of Service via Unicode Pathname Conversion Failure
Jun 23, 2014
EPSS 0.02
Products
samba 210 rsync 24 cifs-utils 4 ppp 3 jitterbug 1 samba_server 1 volume_service 1
Quick Filters
Critical CVEs With Exploits In CISA KEV