Vulnerabilities > Samba > Samba > 4.10.18
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-18 | CVE-2020-25718 | Missing Authorization vulnerability in multiple products A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC (read-only domain controller). | 8.8 |
| 2022-02-18 | CVE-2020-25719 | Race Condition vulnerability in multiple products A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. | 7.2 |
| 2022-02-18 | CVE-2020-25722 | Incorrect Authorization vulnerability in multiple products Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. | 8.8 |
| 2022-01-11 | CVE-2021-43566 | Race Condition vulnerability in Samba All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. | 2.5 |
| 2021-10-12 | CVE-2021-3671 | NULL Pointer Dereference vulnerability in multiple products A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). | 6.5 |
| 2021-05-12 | CVE-2020-27840 | Out-of-bounds Read vulnerability in multiple products A flaw was found in samba. | 7.5 |
| 2021-05-12 | CVE-2021-20277 | Out-of-bounds Write vulnerability in multiple products A flaw was found in Samba's libldb. | 7.5 |
| 2021-05-05 | CVE-2021-20254 | Out-of-bounds Read vulnerability in multiple products A flaw was found in samba. | 6.8 |
| 2020-12-03 | CVE-2020-14318 | Incorrect Privilege Assignment vulnerability in multiple products A flaw was found in the way samba handled file and directory permissions. | 4.3 |
| 2020-12-02 | CVE-2020-14383 | A flaw was found in samba's DNS server. | 6.5 |