Vulnerabilities > Samba
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-12 | CVE-2021-3671 | NULL Pointer Dereference vulnerability in Samba A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). | 4.0 |
| 2021-05-27 | CVE-2020-14387 | Improper Validation of Certificate with Host Mismatch vulnerability in Samba Rsync A flaw was found in rsync in versions since 3.2.0pre1. | 5.8 |
| 2021-05-12 | CVE-2020-27840 | Out-of-bounds Read vulnerability in multiple products A flaw was found in samba. | 5.0 |
| 2021-05-12 | CVE-2021-20277 | Out-of-bounds Read vulnerability in multiple products A flaw was found in Samba's libldb. | 5.0 |
| 2021-05-05 | CVE-2021-20254 | Out-of-bounds Read vulnerability in multiple products A flaw was found in samba. | 4.9 |
| 2021-04-19 | CVE-2021-20208 | Incorrect Privilege Assignment vulnerability in multiple products A flaw was found in cifs-utils in versions before 6.13. | 4.9 |
| 2020-12-03 | CVE-2020-14318 | Incorrect Privilege Assignment vulnerability in multiple products A flaw was found in the way samba handled file and directory permissions. | 4.0 |
| 2020-12-02 | CVE-2020-14383 | A flaw was found in samba's DNS server. | 4.0 |
| 2020-10-29 | CVE-2020-14323 | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. | 2.1 |
| 2020-09-09 | CVE-2020-14342 | OS Command Injection vulnerability in Samba Cifs-Utils It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. | 4.4 |