Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba samba vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-14303
A flaw was found in the AD DC NBT server in all Samba versions prior to 4.10.17, prior to 4.11.11 and prior to 4.12.4. A samba user could send an empty UDP packet to cause the samba server to crash.
Samba Samba
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
7.5
CVSSv3
CVE-2020-10704
A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from ...
Samba Samba
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.2
Debian Debian Linux 9.0
5.3
CVSSv3
CVE-2020-10700
A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versions prior ...
Samba Samba
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.2
5.4
CVSSv3
CVE-2019-14902
There is an issue in all samba 4.11.x versions prior to 4.11.5, all samba 4.10.x versions prior to 4.10.12 and all samba 4.9.x versions prior to 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.
Samba Samba
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Opensuse Leap 15.1
Canonical Ubuntu Linux 19.10
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2019-19344
There is a use-after-free issue in all samba 4.9.x versions prior to 4.9.18, all samba 4.10.x versions prior to 4.10.12 and all samba 4.11.x versions prior to 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.
Samba Samba
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Directory Server -
Synology Router Manager 1.2
Opensuse Leap 15.1
6.5
CVSSv3
CVE-2019-14907
All samba versions 4.9.x prior to 4.9.18, 4.10.x prior to 4.10.12 and 4.11.x prior to 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be p...
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Samba Samba
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Storage 3.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Directory Server -
Synology Router Manager 1.2
Debian Debian Linux 9.0
4.7
CVSSv3
CVE-2011-3585
Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mounting outage) via a SIGKILL signal during a time window when the /etc/mtab~ file exists.
Samba Samba 3.6.0
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
5.3
CVSSv3
CVE-2019-14861
All Samba versions 4.x.x prior to 4.9.17, 4.10.x prior to 4.10.11 and 4.11.x prior to 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. ...
Samba Samba
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Opensuse Leap 15.1
Debian Debian Linux 9.0
5.4
CVSSv3
CVE-2019-14870
All Samba versions 4.x.x prior to 4.9.17, 4.10.x prior to 4.10.11 and 4.11.x prior to 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self o...
Samba Samba
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
4.9
CVSSv3
CVE-2019-14847
A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x prior to 4.10.10. An attacker can crash AD DC LDAP server via dirsync resulting in denial of service. Privilege escalation is not possible with this issue.
Samba Samba
Opensuse Leap 15.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »