Vulnerabilities > Samba
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-25 | CVE-2022-32744 | Authentication Bypass by Spoofing vulnerability in Samba A flaw was found in Samba. | 8.8 |
| 2022-08-25 | CVE-2022-32745 | Use of Uninitialized Resource vulnerability in Samba A flaw was found in Samba. | 8.1 |
| 2022-08-25 | CVE-2022-32746 | Use After Free vulnerability in Samba A flaw was found in the Samba AD LDAP server. | 5.4 |
| 2022-08-23 | CVE-2021-20316 | Race Condition vulnerability in multiple products A flaw was found in the way Samba handled file/directory metadata. | 6.8 |
| 2022-08-23 | CVE-2021-3670 | MaxQueryDuration not honoured in Samba AD DC LDAP | 6.5 |
| 2022-08-02 | CVE-2022-29154 | Improper Input Validation vulnerability in multiple products An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. | 7.4 |
| 2022-04-28 | CVE-2022-29869 | Information Exposure Through Log Files vulnerability in multiple products cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file. | 5.3 |
| 2022-04-27 | CVE-2022-27239 | Out-of-bounds Write vulnerability in multiple products In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. | 7.8 |
| 2022-03-16 | CVE-2020-25721 | Improper Input Validation vulnerability in Samba Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). | 8.8 |
| 2022-03-02 | CVE-2021-23192 | Unspecified vulnerability in Samba A flaw was found in the way samba implemented DCE/RPC. | 7.5 |