Vulnerabilities > Samba > High

DATE CVE VULNERABILITY TITLE RISK
2022-03-02 CVE-2021-23192 Unspecified vulnerability in Samba
A flaw was found in the way samba implemented DCE/RPC.
network
low complexity
samba
7.5
2022-03-02 CVE-2021-3738 Use After Free vulnerability in Samba
In DCE/RPC it is possible to share the handles (cookies for resource state) between multiple connections via a mechanism called 'association groups'.
network
low complexity
samba CWE-416
8.8
2022-02-21 CVE-2021-44142 Out-of-bounds Write vulnerability in multiple products
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes.
8.8
2022-02-18 CVE-2020-25717 Improper Input Validation vulnerability in multiple products
A flaw was found in the way Samba maps domain users to local users.
network
low complexity
samba debian fedoraproject redhat canonical CWE-20
8.1
2022-02-18 CVE-2020-25718 Missing Authorization vulnerability in multiple products
A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC (read-only domain controller).
network
low complexity
samba fedoraproject CWE-862
8.8
2022-02-18 CVE-2020-25719 Race Condition vulnerability in multiple products
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication.
7.2
2022-02-18 CVE-2020-25722 Incorrect Authorization vulnerability in multiple products
Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data.
network
low complexity
samba debian fedoraproject canonical CWE-863
8.8
2021-05-27 CVE-2020-14387 Unspecified vulnerability in Samba Rsync
A flaw was found in rsync in versions since 3.2.0pre1.
network
high complexity
samba
7.4
2021-05-12 CVE-2020-27840 A flaw was found in samba.
network
low complexity
samba debian fedoraproject
7.5
2021-05-12 CVE-2021-20277 Out-of-bounds Write vulnerability in multiple products
A flaw was found in Samba's libldb.
network
low complexity
samba debian fedoraproject CWE-787
7.5