Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba samba vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2012-1182
The RPC code generator in Samba 3.x prior to 3.4.16, 3.5.x prior to 3.5.14, and 3.6.x prior to 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote malicious users to execute arbitrary code v...
Samba Samba
Samba Samba 3.0.0
Samba Samba 3.0.1
Samba Samba 3.0.2
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 3.0.4
Samba Samba 3.0.5
Samba Samba 3.0.6
Samba Samba 3.0.7
Samba Samba 3.0.8
Samba Samba 3.0.9
1 EDB exploit
2 Nmap scripts
6 Github repositories
5
CVSSv2
CVE-2010-1642
The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba prior to 3.4.8 and 3.5.x prior to 3.5.2 allows remote malicious users to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \xff\xff security blob length in a Session Setup ...
Samba Samba
Samba Samba 3.0.0
Samba Samba 3.0.1
Samba Samba 3.0.2
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 3.0.4
Samba Samba 3.0.5
Samba Samba 3.0.6
Samba Samba 3.0.7
Samba Samba 3.0.8
Samba Samba 3.0.9
5
CVSSv2
CVE-2010-1635
The chain_reply function in process.c in smbd in Samba prior to 3.4.8 and 3.5.x prior to 3.5.2 allows remote malicious users to cause a denial of service (NULL pointer dereference and process crash) via a Negotiate Protocol request with a certain 0x0003 field value followed by a ...
Samba Samba
Samba Samba 3.0.0
Samba Samba 3.0.1
Samba Samba 3.0.2
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 3.0.4
Samba Samba 3.0.5
Samba Samba 3.0.6
Samba Samba 3.0.7
Samba Samba 3.0.8
Samba Samba 3.0.9
5.1
CVSSv2
CVE-2013-0213
The Samba Web Administration Tool (SWAT) in Samba 3.x prior to 3.5.21, 3.6.x prior to 3.6.12, and 4.x prior to 4.0.2 allows remote malicious users to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element.
Samba Samba 3.0.0
Samba Samba 3.0.1
Samba Samba 3.0.2
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 3.0.4
Samba Samba 3.0.5
Samba Samba 3.0.6
Samba Samba 3.0.7
Samba Samba 3.0.8
Samba Samba 3.0.9
Samba Samba 3.0.10
5.1
CVSSv2
CVE-2013-0214
Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x prior to 3.5.21, 3.6.x prior to 3.6.12, and 4.x prior to 4.0.2 allows remote malicious users to hijack the authentication of arbitrary users by leveraging knowledge of a passw...
Samba Samba 3.6.0
Samba Samba 3.6.1
Samba Samba 3.6.2
Samba Samba 3.6.3
Samba Samba 3.6.4
Samba Samba 3.6.5
Samba Samba 3.6.6
Samba Samba 3.6.7
Samba Samba 3.6.8
Samba Samba 3.6.9
Samba Samba 3.6.10
Samba Samba 3.6.11
1.2
CVSSv2
CVE-2011-2724
The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and previous versions does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab c...
Samba Samba
Samba Samba 1.9.17
Samba Samba 1.9.18
Samba Samba 2.0
Samba Samba 2.0.0
Samba Samba 2.0.1
Samba Samba 2.0.2
Samba Samba 2.0.3
Samba Samba 2.0.4
Samba Samba 2.0.5
Samba Samba 2.0.5a
Samba Samba 2.0.6
9.3
CVSSv2
CVE-2007-6015
Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 up to and including 3.0.27a, when the "domain logons" option is enabled, allows remote malicious users to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string...
Samba Samba 2.0.1
Samba Samba 2.0.2
Samba Samba 2.0.3
Samba Samba 2.0.4
Samba Samba 2.0.5
Samba Samba 2.0.6
Samba Samba 2.0.7
Samba Samba 2.0.8
Samba Samba 2.0.9
Samba Samba 2.0.10
Samba Samba 2.2.0
Samba Samba 2.2.0a
1 EDB exploit
5
CVSSv2
CVE-2011-0719
Samba 3.x prior to 3.3.15, 3.4.x prior to 3.4.12, and 3.5.x prior to 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote malicious users to cause a denial of service (stack memory corruption, and infinite loop or daemon cra...
Samba Samba 3.0.0
Samba Samba 3.0.1
Samba Samba 3.0.2
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 3.0.4
Samba Samba 3.0.5
Samba Samba 3.0.6
Samba Samba 3.0.7
Samba Samba 3.0.8
Samba Samba 3.0.9
Samba Samba 3.0.10
2.1
CVSSv2
CVE-2010-0547
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and previous versions does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.
Samba Samba
Samba Samba 1.9.17
Samba Samba 1.9.18
Samba Samba 2.2.0
Samba Samba 2.2.0a
Samba Samba 2.2.1
Samba Samba 2.2.1a
Samba Samba 2.2.2
Samba Samba 2.2.3
Samba Samba 2.2.3a
Samba Samba 2.2.4
Samba Samba 2.2.5
8.5
CVSSv2
CVE-2014-8143
Samba 4.0.x prior to 4.0.24, 4.1.x prior to 4.1.16, and 4.2.x prior to 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by l...
Samba Samba 4.0.0
Samba Samba 4.0.1
Samba Samba 4.0.2
Samba Samba 4.0.3
Samba Samba 4.0.4
Samba Samba 4.0.5
Samba Samba 4.0.6
Samba Samba 4.0.7
Samba Samba 4.0.8
Samba Samba 4.0.9
Samba Samba 4.0.10
Samba Samba 4.0.11
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
dos
cente tcp/ipv4
CVE-2025-26568
hard-coded
CVE-2025-25898
heart health ios mobile application
myscada
CVE-2025-24016
arbitrary
CVE-2023-34402
CVE-2024-37602
130.8005
CVE-2025-24200
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »