Vulnerabilities > Samba

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-03	CVE-2020-14318	Incorrect Privilege Assignment vulnerability in multiple products A flaw was found in the way samba handled file and directory permissions. network low complexity samba redhat CWE-266	4.0
2020-12-02	CVE-2020-14383	A flaw was found in samba's DNS server. network low complexity samba redhat	4.0
2020-10-29	CVE-2020-14323	Improper Null Termination vulnerability in multiple products A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. local low complexity samba fedoraproject opensuse CWE-170	2.1
2020-09-09	CVE-2020-14342	OS Command Injection vulnerability in Samba Cifs-Utils It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. local samba CWE-78	4.4
2020-08-17	CVE-2020-1472	Improper Privilege Management vulnerability in multiple products An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'. network microsoft fedoraproject opensuse canonical synology samba CWE-269 critical	9.3
2020-07-07	CVE-2020-10745	Resource Exhaustion vulnerability in multiple products A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. network low complexity samba fedoraproject opensuse CWE-400	7.8
2020-07-07	CVE-2020-10730	USE After Free vulnerability in multiple products A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. network low complexity samba redhat opensuse fedoraproject CWE-416	4.0
2020-07-06	CVE-2020-10760	USE After Free vulnerability in multiple products A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. network low complexity samba canonical opensuse fedoraproject CWE-416	4.0
2020-07-06	CVE-2020-14303	Improper Input Validation vulnerability in multiple products A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. network low complexity samba fedoraproject opensuse CWE-20	5.0
2020-05-06	CVE-2020-10704	Classic Buffer Overflow vulnerability in multiple products A flaw was found when using samba as an Active Directory Domain Controller. network low complexity samba fedoraproject opensuse CWE-120	5.0

Vulnerabilities > Samba {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Samba"}]}

Vulnerabilities > Samba