High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-20	CVE-2023-34966	Infinite Loop vulnerability in multiple products An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. network low complexity samba fedoraproject redhat debian CWE-835	7.5
2022-12-25	CVE-2022-42898	Integer Overflow or Wraparound vulnerability in multiple products PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. network low complexity mit heimdal-project samba CWE-190	8.8
2022-09-01	CVE-2022-32743	Incorrect Default Permissions vulnerability in multiple products Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it. network low complexity samba fedoraproject CWE-276	7.5
2022-08-29	CVE-2022-0336	Incorrect Default Permissions vulnerability in multiple products The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. network low complexity samba fedoraproject CWE-276	8.8
2022-08-25	CVE-2022-2031	Improper Authentication vulnerability in Samba A flaw was found in Samba. network low complexity samba CWE-287	8.8
2022-08-25	CVE-2022-32744	Authentication Bypass by Spoofing vulnerability in Samba A flaw was found in Samba. network low complexity samba CWE-290	8.8
2022-08-25	CVE-2022-32745	Use of Uninitialized Resource vulnerability in Samba A flaw was found in Samba. network low complexity samba CWE-908	8.1
2022-08-02	CVE-2022-29154	Improper Input Validation vulnerability in multiple products An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. network high complexity samba fedoraproject CWE-20	7.4
2022-04-27	CVE-2022-27239	Out-of-bounds Write vulnerability in multiple products In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. local low complexity samba debian suse hp fedoraproject CWE-787	7.8
2022-03-16	CVE-2020-25721	Improper Input Validation vulnerability in Samba Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). network low complexity samba CWE-20	8.8