Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba samba 4.0.0 vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2018-1057
On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (e...
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Samba Samba
1 Article
534
VMScore
CVE-2013-1863
Samba 4.x prior to 4.0.4, when configured as an Active Directory domain controller, uses world-writable permissions on non-default CIFS shares, which allows remote authenticated users to read, modify, create, or delete arbitrary files via standard filesystem operations.
Samba Samba 4.0.3
Samba Samba 4.0.0
Samba Samba 4.0.2
Samba Samba 4.0.1
516
VMScore
CVE-2013-6442
The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x prior to 4.0.16 and 4.1.x prior to 4.1.6 removes an ACL during use of a --chown or --chgrp option, which allows remote malicious users to bypass intended access restrictions in opportunistic circumstances by leveragi...
Samba Samba 4.1.1
Samba Samba 4.1.2
Samba Samba 4.1.4
Samba Samba 4.1.5
Samba Samba 4.1.0
Samba Samba 4.1.3
Samba Samba 4.0.0
Samba Samba 4.0.1
Samba Samba 4.0.4
Samba Samba 4.0.5
Samba Samba 4.0.14
Samba Samba 4.0.15
Samba Samba 4.0.2
Samba Samba 4.0.3
Samba Samba 4.0.12
Samba Samba 4.0.13
Samba Samba 4.0.8
Samba Samba 4.0.9
Samba Samba 4.0.10
Samba Samba 4.0.11
Samba Samba 4.0.6
Samba Samba 4.0.7
454
VMScore
CVE-2013-0213
The Samba Web Administration Tool (SWAT) in Samba 3.x prior to 3.5.21, 3.6.x prior to 3.6.12, and 4.x prior to 4.0.2 allows remote malicious users to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element.
Samba Samba 3.5.15
Samba Samba 3.5.14
Samba Samba 3.5.6
Samba Samba 3.5.5
Samba Samba 3.4.16
Samba Samba 3.4.15
Samba Samba 3.4.8
Samba Samba 3.4.7
Samba Samba 3.4.6
Samba Samba 3.3.9
Samba Samba 3.3.10
Samba Samba 3.3.12
Samba Samba 3.3.13
Samba Samba 3.2.0
Samba Samba 3.2.14
Samba Samba 3.2.7
Samba Samba 3.2.2
Samba Samba 3.1.0
Samba Samba 3.0.28
Samba Samba 3.0.16
Samba Samba 3.0.15
Samba Samba 3.0.11
454
VMScore
CVE-2013-0214
Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x prior to 3.5.21, 3.6.x prior to 3.6.12, and 4.x prior to 4.0.2 allows remote malicious users to hijack the authentication of arbitrary users by leveraging knowledge of a passw...
Samba Samba 3.6.5
Samba Samba 3.6.6
Samba Samba 3.6.1
Samba Samba 3.6.2
Samba Samba 3.6.9
Samba Samba 3.6.10
Samba Samba 3.6.3
Samba Samba 3.6.4
Samba Samba 3.6.11
Samba Samba 3.6.0
Samba Samba 3.6.7
Samba Samba 3.6.8
Samba Samba 4.0.0
Samba Samba 4.0.1
Samba Samba 3.5.14
Samba Samba 3.5.13
Samba Samba 3.5.6
Samba Samba 3.5.5
Samba Samba 3.4.15
Samba Samba 3.4.14
Samba Samba 3.4.7
Samba Samba 3.4.6
445
VMScore
CVE-2021-40029
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
Huawei Harmonyos
Huawei Emui 10.0.0
Huawei Emui 10.1.0
Huawei Emui 10.1.1
Huawei Emui 11.0.0
Huawei Emui 11.0.1
Huawei Emui 12.0.0
Huawei Magic Ui 3.0.0
Huawei Magic Ui 3.1.0
Huawei Magic Ui 3.1.1
Huawei Magic Ui 4.0.0
445
VMScore
CVE-2021-40035
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
Huawei Harmonyos
Huawei Emui 10.0.0
Huawei Emui 10.1.0
Huawei Emui 10.1.1
Huawei Emui 11.0.0
Huawei Emui 11.0.1
Huawei Emui 12.0.0
Huawei Magic Ui 3.0.0
Huawei Magic Ui 3.1.0
Huawei Magic Ui 3.1.1
Huawei Magic Ui 4.0.0
436
VMScore
CVE-2016-0771
The internal DNS server in Samba 4.x prior to 4.1.23, 4.2.x prior to 4.2.9, 4.3.x prior to 4.3.6, and 4.4.x prior to 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information...
Samba Samba 4.3.4
Samba Samba 4.3.3
Samba Samba 4.2.6
Samba Samba 4.2.5
Samba Samba 4.2.0
Samba Samba 4.1.21
Samba Samba 4.1.20
Samba Samba 4.1.14
Samba Samba 4.1.13
Samba Samba 4.0.8
Samba Samba 4.0.7
Samba Samba 4.0.6
Samba Samba 4.0.21
Samba Samba 4.0.20
Samba Samba 4.0.14
Samba Samba 4.0.13
Samba Samba 4.4.0
Samba Samba 4.1.22
Samba Samba 4.3.2
Samba Samba 4.2.2
Samba Samba 4.2.1
Samba Samba 4.1.6
356
VMScore
CVE-2019-14847
A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x prior to 4.10.10. An attacker can crash AD DC LDAP server via dirsync resulting in denial of service. Privilege escalation is not possible with this issue.
Samba Samba
Opensuse Leap 15.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
356
VMScore
CVE-2018-14629
A denial of service vulnerability exists in Samba's LDAP server prior to 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead to infinite recursion in the server. An unprivileged local attacker could create such an entry, leading to denial of service.
Samba Samba
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 9.0
Debian Debian Linux 8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »