Vulnerabilities > Samba > Samba > 4.9.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-18 | CVE-2020-25719 | Race Condition vulnerability in multiple products A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. | 7.2 |
| 2022-02-18 | CVE-2020-25722 | Incorrect Authorization vulnerability in multiple products Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. | 8.8 |
| 2022-01-11 | CVE-2021-43566 | Race Condition vulnerability in Samba All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. | 2.5 |
| 2021-10-12 | CVE-2021-3671 | NULL Pointer Dereference vulnerability in multiple products A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). | 6.5 |
| 2021-05-12 | CVE-2020-27840 | A flaw was found in samba. | 7.5 |
| 2021-05-12 | CVE-2021-20277 | Out-of-bounds Write vulnerability in multiple products A flaw was found in Samba's libldb. | 7.5 |
| 2021-05-05 | CVE-2021-20254 | A flaw was found in samba. | 6.8 |
| 2020-12-03 | CVE-2020-14318 | A flaw was found in the way samba handled file and directory permissions. | 4.3 |
| 2020-12-02 | CVE-2020-14383 | A flaw was found in samba's DNS server. | 6.5 |
| 2020-10-29 | CVE-2020-14323 | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. | 5.5 |