Vulnerabilities > Samba > Samba > 3.2.12

DATE CVE VULNERABILITY TITLE RISK
2023-11-03 CVE-2023-3961 Path Traversal vulnerability in multiple products
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory.
network
low complexity
samba redhat fedoraproject CWE-22
critical
9.8
2023-11-03 CVE-2023-42670 A flaw was found in Samba.
network
low complexity
samba fedoraproject
6.5
2023-11-03 CVE-2023-4091 Incorrect Default Permissions vulnerability in multiple products
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes".
network
low complexity
samba fedoraproject redhat CWE-276
6.5
2023-10-25 CVE-2023-5568 Out-of-bounds Write vulnerability in Samba
A heap-based Buffer Overflow flaw was discovered in Samba.
network
low complexity
samba CWE-787
6.5
2023-07-20 CVE-2023-34966 Infinite Loop vulnerability in multiple products
An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight.
network
low complexity
samba fedoraproject redhat debian CWE-835
7.5
2023-07-20 CVE-2023-34967 Type Confusion vulnerability in multiple products
A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight.
network
low complexity
samba fedoraproject redhat debian CWE-843
5.3
2023-07-20 CVE-2023-34968 A path disclosure vulnerability was found in Samba.
network
low complexity
samba fedoraproject redhat debian
5.3
2022-12-25 CVE-2022-42898 Integer Overflow or Wraparound vulnerability in multiple products
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms.
network
low complexity
mit heimdal-project samba CWE-190
8.8
2022-08-25 CVE-2022-2031 Improper Authentication vulnerability in Samba
A flaw was found in Samba.
network
low complexity
samba CWE-287
8.8
2022-08-25 CVE-2022-32742 Unspecified vulnerability in Samba
A flaw was found in Samba.
network
low complexity
samba
4.3