Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-3670
MaxQueryDuration not honoured in Samba AD DC LDAP
Samba Samba
Redhat Storage 3.0
Fedoraproject Fedora 35
6.5
CVSSv3
CVE-2021-43039
An issue exists in Kaseya Unitrends Backup Appliance prior to 10.5.5. The Samba file sharing service allowed anonymous read/write access.
Kaseya Unitrends Backup
6.5
CVSSv3
CVE-2021-3671
A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.
Samba Samba
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Ontap Select Deploy Administration Utility -
Netapp Management Services For Element Software -
Netapp Management Services For Netapp Hci -
6.5
CVSSv3
CVE-2020-14383
A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative mali...
Samba Samba
Redhat Enterprise Linux 8.0
6.5
CVSSv3
CVE-2020-10730
A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions prior to 4.10.17, prior to 4.11.11 and prior to 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected co...
Samba Samba
Redhat Storage 3.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 31
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2020-10760
A use-after-free flaw was found in all samba LDAP server versions prior to 4.10.17, prior to 4.11.11, prior to 4.12.4 used in a AC DC configuration. A Samba LDAP user could use this flaw to crash samba.
Samba Samba
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 31
6.5
CVSSv3
CVE-2019-14907
All samba versions 4.9.x prior to 4.9.18, 4.10.x prior to 4.10.12 and 4.11.x prior to 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be p...
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Samba Samba
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Storage 3.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Directory Server -
Synology Router Manager 1.2
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2019-19344
There is a use-after-free issue in all samba 4.9.x versions prior to 4.9.18, all samba 4.10.x versions prior to 4.10.12 and all samba 4.11.x versions prior to 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.
Samba Samba
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Directory Server -
Synology Router Manager 1.2
Opensuse Leap 15.1
6.5
CVSSv3
CVE-2019-10218
A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacke...
Samba Samba
Fedoraproject Fedora 29
Fedoraproject Fedora 31
6.5
CVSSv3
CVE-2019-12435
Samba 4.9.x prior to 4.9.9 and 4.10.x prior to 4.10.5 has a NULL pointer dereference, leading to Denial of Service. This is related to the AD DC DNS management server (dnsserver) RPC server process.
Samba Samba
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »