Vulnerabilities > Samba

DATE CVE VULNERABILITY TITLE RISK
2021-10-12 CVE-2021-3671 NULL Pointer Dereference vulnerability in Samba
A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request).
network
low complexity
samba CWE-476
4.0
2021-05-27 CVE-2020-14387 Improper Validation of Certificate with Host Mismatch vulnerability in Samba Rsync
A flaw was found in rsync in versions since 3.2.0pre1.
network
samba CWE-297
5.8
2021-05-12 CVE-2020-27840 Out-of-bounds Read vulnerability in multiple products
A flaw was found in samba.
network
low complexity
samba debian fedoraproject CWE-125
5.0
2021-05-12 CVE-2021-20277 Out-of-bounds Read vulnerability in multiple products
A flaw was found in Samba's libldb.
network
low complexity
samba debian fedoraproject CWE-125
5.0
2021-05-05 CVE-2021-20254 Out-of-bounds Read vulnerability in multiple products
A flaw was found in samba.
4.9
2021-04-19 CVE-2021-20208 Incorrect Privilege Assignment vulnerability in multiple products
A flaw was found in cifs-utils in versions before 6.13.
network
samba redhat CWE-266
4.9
2020-12-03 CVE-2020-14318 Incorrect Privilege Assignment vulnerability in multiple products
A flaw was found in the way samba handled file and directory permissions.
network
low complexity
samba redhat CWE-266
4.0
2020-12-02 CVE-2020-14383 A flaw was found in samba's DNS server.
network
low complexity
samba redhat
4.0
2020-10-29 CVE-2020-14323 NULL Pointer Dereference vulnerability in multiple products
A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1.
local
low complexity
samba opensuse fedoraproject debian CWE-476
2.1
2020-09-09 CVE-2020-14342 OS Command Injection vulnerability in Samba Cifs-Utils
It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands.
local
samba CWE-78
4.4