Vulnerabilities > Samba
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-12-03 | CVE-2020-14318 | Incorrect Privilege Assignment vulnerability in multiple products A flaw was found in the way samba handled file and directory permissions. | 4.0 |
2020-12-02 | CVE-2020-14383 | A flaw was found in samba's DNS server. | 4.0 |
2020-10-29 | CVE-2020-14323 | Improper Null Termination vulnerability in multiple products A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. | 2.1 |
2020-09-09 | CVE-2020-14342 | OS Command Injection vulnerability in Samba Cifs-Utils It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. | 4.4 |
2020-08-17 | CVE-2020-1472 | Improper Privilege Management vulnerability in multiple products An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'. | 9.3 |
2020-07-07 | CVE-2020-10745 | Resource Exhaustion vulnerability in multiple products A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. | 7.8 |
2020-07-07 | CVE-2020-10730 | USE After Free vulnerability in multiple products A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. | 4.0 |
2020-07-06 | CVE-2020-10760 | USE After Free vulnerability in multiple products A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. | 4.0 |
2020-07-06 | CVE-2020-14303 | Improper Input Validation vulnerability in multiple products A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. | 5.0 |
2020-05-06 | CVE-2020-10704 | Classic Buffer Overflow vulnerability in multiple products A flaw was found when using samba as an Active Directory Domain Controller. | 5.0 |