Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-8849
smb4k prior to 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service.
Smb4k Project Smb4k
Debian Debian Linux 8.0
1 EDB exploit
1 Github repository
7.5
CVSSv3
CVE-2023-34966
An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elem...
Samba Samba
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
7.5
CVSSv3
CVE-2022-32743
Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
Samba Samba
Fedoraproject Fedora 37
7.5
CVSSv3
CVE-2021-23192
A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements.
Samba Samba
7.5
CVSSv3
CVE-2021-40035
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
Huawei Harmonyos
Huawei Emui 10.0.0
Huawei Emui 10.1.0
Huawei Emui 10.1.1
Huawei Emui 11.0.0
Huawei Emui 11.0.1
Huawei Emui 12.0.0
Huawei Magic Ui 3.0.0
Huawei Magic Ui 3.1.0
Huawei Magic Ui 3.1.1
Huawei Magic Ui 4.0.0
7.5
CVSSv3
CVE-2021-40029
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
Huawei Harmonyos
Huawei Emui 10.0.0
Huawei Emui 10.1.0
Huawei Emui 10.1.1
Huawei Emui 11.0.0
Huawei Emui 11.0.1
Huawei Emui 12.0.0
Huawei Magic Ui 3.0.0
Huawei Magic Ui 3.1.0
Huawei Magic Ui 3.1.1
Huawei Magic Ui 4.0.0
7.5
CVSSv3
CVE-2020-27840
A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to syst...
Samba Samba
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
7.5
CVSSv3
CVE-2021-20277
A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability.
Samba Samba
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
7.5
CVSSv3
CVE-2020-10745
A flaw was found in all Samba versions prior to 4.10.17, prior to 4.11.11 and prior to 4.12.4 in the way it processed NetBios over TCP/IP. This flaw allows a remote attacker could to cause the Samba server to consume excessive CPU use, resulting in a denial of service. This highe...
Samba Samba
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2020-14303
A flaw was found in the AD DC NBT server in all Samba versions prior to 4.10.17, prior to 4.11.11 and prior to 4.12.4. A samba user could send an empty UDP packet to cause the samba server to crash.
Samba Samba
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »