High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-02	CVE-2022-29154	Improper Input Validation vulnerability in multiple products An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. network high complexity samba fedoraproject CWE-20	7.4
2022-04-27	CVE-2022-27239	Out-of-bounds Write vulnerability in multiple products In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. local low complexity samba debian suse hp fedoraproject CWE-787	7.8
2022-03-16	CVE-2020-25721	Improper Input Validation vulnerability in Samba Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). network low complexity samba CWE-20	8.8
2022-03-02	CVE-2021-23192	Unspecified vulnerability in Samba A flaw was found in the way samba implemented DCE/RPC. network low complexity samba	7.5
2022-03-02	CVE-2021-3738	Use After Free vulnerability in Samba In DCE/RPC it is possible to share the handles (cookies for resource state) between multiple connections via a mechanism called 'association groups'. network low complexity samba CWE-416	8.8
2022-02-21	CVE-2021-44142	Out-of-bounds Write vulnerability in multiple products The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. network low complexity samba debian canonical synology fedoraproject redhat CWE-787	8.8
2022-02-18	CVE-2020-25717	Improper Input Validation vulnerability in multiple products A flaw was found in the way Samba maps domain users to local users. network low complexity samba debian fedoraproject redhat canonical CWE-20	8.1
2022-02-18	CVE-2020-25718	Missing Authorization vulnerability in multiple products A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC (read-only domain controller). network low complexity samba fedoraproject CWE-862	8.8
2022-02-18	CVE-2020-25719	Race Condition vulnerability in multiple products A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. network low complexity samba debian fedoraproject canonical redhat CWE-362	7.2
2022-02-18	CVE-2020-25722	Incorrect Authorization vulnerability in multiple products Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. network low complexity samba debian fedoraproject canonical CWE-863	8.8