samba vulnerabilities and exploits
7.5
CVSSv2
CVE-2021-27185
The samba-client package prior to 4.0.0 for Node.js allows command injection because of the use of process.exec.
Samba-client Project Samba-client
4
CVSSv2
CVE-2020-14318
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.
Samba Samba
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Storage 3.0
4
CVSSv2
CVE-2020-14383
A flaw was found in samba's DNS server. An authenticated user could use this flaw to cause the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative mali...
Samba Samba
Redhat Enterprise Linux 8.0
9
CVSSv2
CVE-2020-17049
A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is con...
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012
Microsoft Windows Server 2019 -
Microsoft Windows Server 2016 1903
Microsoft Windows Server 2016 1909
Microsoft Windows Server 2016 2004
Microsoft Windows Server 2016 20h2
Samba Samba
15 Github repositories
2.1
CVSSv2
CVE-2020-14323
A null pointer dereference flaw was found in samba's Winbind service in versions prior to 4.11.15, prior to 4.12.9 and prior to 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.
Samba Samba
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
4.4
CVSSv2
CVE-2020-14342
It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission, such as via sudo rules, could use this flaw to escalate their pr...
Samba Cifs-utils
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
9.3
CVSSv2
CVE-2020-1472
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted...
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2016 1903
Microsoft Windows Server 2016 1909
Microsoft Windows Server 2016 2004
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Synology Directory Server
Samba Samba
Debian Debian Linux 9.0
Oracle Zfs Storage Appliance Kit 8.8
157 Github repositories
16 Articles
7.8
CVSSv2
CVE-2020-10745
A flaw was found in all Samba versions prior to 4.10.17, prior to 4.11.11 and prior to 4.12.4 in the way it processed NetBios over TCP/IP. This flaw allows a remote attacker to cause the Samba server to consume excessive CPU, resulting in a denial of service. This highe...
Samba Samba
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
4
CVSSv2
CVE-2020-10730
A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions prior to 4.10.17, prior to 4.11.11 and prior to 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected co...
Samba Samba
Redhat Storage 3.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 31
Debian Debian Linux 9.0
Debian Debian Linux 10.0
4
CVSSv2
CVE-2020-10760
A use-after-free flaw was found in all samba LDAP server versions prior to 4.10.17, prior to 4.11.11, prior to 4.12.4 used in an AC DC configuration. A Samba LDAP user could use this flaw to crash samba.
Samba Samba
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 31