Vulnerabilities > Samba
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-27 | CVE-2020-14387 | Improper Validation of Certificate With Host Mismatch vulnerability in Samba Rsync A flaw was found in rsync in versions since 3.2.0pre1. | 5.8 |
| 2021-05-12 | CVE-2020-27840 | Out-Of-Bounds Read vulnerability in multiple products A flaw was found in samba. | 5.0 |
| 2021-05-12 | CVE-2021-20277 | Out-Of-Bounds Read vulnerability in multiple products A flaw was found in Samba's libldb. | 5.0 |
| 2021-05-05 | CVE-2021-20254 | Out-Of-Bounds Read vulnerability in multiple products A flaw was found in samba. | 4.9 |
| 2021-04-19 | CVE-2021-20208 | Incorrect Privilege Assignment vulnerability in multiple products A flaw was found in cifs-utils in versions before 6.13. | 4.9 |
| 2020-12-03 | CVE-2020-14318 | Incorrect Privilege Assignment vulnerability in multiple products A flaw was found in the way samba handled file and directory permissions. | 4.0 |
| 2020-12-02 | CVE-2020-14383 | A flaw was found in samba's DNS server. | 4.0 |
| 2020-10-29 | CVE-2020-14323 | Improper Null Termination vulnerability in multiple products A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. | 2.1 |
| 2020-09-09 | CVE-2020-14342 | OS Command Injection vulnerability in Samba Cifs-Utils It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. | 4.4 |
| 2020-08-17 | CVE-2020-1472 | Improper Privilege Management vulnerability in multiple products An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'. | 9.3 |