from 0, < 4.2.14-r3
MEDIUM 5.5 CVE-2020-1472 ⚠ KEV Microsoft Netlogon Privilege Escalation Vulnerability
from 0, < 4.10.18-r0
CRITICAL 10.0 A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without prope…
from 0, < 4.21.9-r0
CRITICAL 9.8 samba - security update
from 0, < 4.18.8-r0
CRITICAL 9.8 Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is ass…
from 0, < 4.15.13-r0
CRITICAL 9.8 samba - security update
from 0, < 4.7.3-r0
CRITICAL 9.1 samba - security update
from 0, < 4.10.8-r0
CRITICAL 9.0 A flaw was found in Samba.
from 0, < 4.22.10-r0
HIGH 8.8 krb5 - security update
from 0, < 4.15.12-r0
HIGH 8.8 The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those alrea…
from 0, < 4.15.12-r0
HIGH 8.8 A flaw was found in Samba.
from 0, < 4.15.12-r0
HIGH 8.8 samba - security update
from 0, < 4.14.14-r0
HIGH 8.8 Kerberos acceptors need easy access to stable AD identifiers (eg objectSid).
from 0, < 4.13.17-r0
HIGH 8.8 In DCE/RPC it is possible to share the handles (cookies for resource state) between multiple connections via a mechanism called 'associatio…
from 0, < 4.13.17-r0
HIGH 8.8 samba - security update
from 0, < 4.13.17-r0
HIGH 8.8 Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data.
from 0, < 4.13.17-r0
HIGH 8.8 A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC (read-only domain controller).
from 0, < 4.13.17-r0
HIGH 8.8 A flaw was found in samba versions 4.0.0 to 4.5.2.
from 0, < 4.2.14-r1
HIGH 8.8 samba - security update
from 0, < 4.8.4-r0
HIGH 8.8 On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over L…
from 0, < 4.7.6-r0
HIGH 8.5 A flaw was found in the Samba printing subsystem.
from 0, < 4.22.10-r0
HIGH 8.1 Netlogon RPC Elevation of Privilege Vulnerability
from 0, < 4.15.13-r0
HIGH 8.1 Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
from 0, < 4.15.13-r0
HIGH 8.1 A flaw was found in Samba.
from 0, < 4.14.14-r0
HIGH 8.1 samba - security update
from 0, < 4.13.17-r0
HIGH 8.1 A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disa…
from 0, < 4.8.4-r0
HIGH 8.1 heimdal - security update
from 0, < 4.2.14-r4
HIGH 8.0 A flaw was found in Samba’s certificate auto-enrollment Group Policy handling.
from 0, < 4.22.10-r0
HIGH 7.5 A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller.
from 0, < 4.22.10-r0
HIGH 7.5 Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
from 0, < 4.14.14-r0
HIGH 7.5 A flaw was found in the way samba implemented DCE/RPC.
from 0, < 4.13.17-r0
HIGH 7.5 ldb - security update
from 0, < 4.12.14-r0
HIGH 7.5 A flaw was found in Samba's libldb.
from 0, < 4.12.14-r0
HIGH 7.5 A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP.
from 0, < 4.10.17-r0
HIGH 7.5 A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4.
from 0, < 4.10.17-r0
HIGH 7.5 samba - security update
from 0, < 4.10.15-r0
HIGH 7.5 heimdal - security update
from 0, < 4.10.3-r0
HIGH 7.5 samba - security update
from 0, < 4.6.1-r0
HIGH 7.5 samba - security update
from 0, < 4.7.3-r0
HIGH 7.4 A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB…
from 0, < 4.7.0-r0
HIGH 7.4 samba - security update
from 0, < 4.7.0-r0
HIGH 7.2 Windows Kerberos Elevation of Privilege Vulnerability
from 0, < 4.15.13-r0
HIGH 7.2 A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication.
from 0, < 4.13.17-r0
HIGH 7.1 A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes.
from 0, < 4.22.10-r0
HIGH 7.1 An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4…
from 0, < 4.7.0-r0
MEDIUM 6.8 A flaw was found in samba.
from 0, < 4.12.15-r0
MEDIUM 6.5 A flaw was found in Samba’s vfs_worm module.
from 0, < 4.22.10-r0
MEDIUM 6.5 A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged us…
from 0, < 4.18.8-r0
MEDIUM 6.5 A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements.
from 0, < 4.18.8-r0
MEDIUM 6.5 A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samb…
from 0, < 4.18.8-r0
MEDIUM 6.5 A flaw was found in Samba.
from 0, < 4.18.8-r0
MEDIUM 6.5 A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured s…
from 0, < 4.15.12-r0
MEDIUM 6.5 A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal.
from 0, < 4.15.12-r0
MEDIUM 6.5 MaxQueryDuration not honoured in Samba AD DC LDAP
from 0, < 4.15.9-r0
MEDIUM 6.5 heimdal - security update
from 0, < 4.14.8-r0
MEDIUM 6.5 A flaw was found in samba's DNS server.
from 0, < 4.11.16-r0
MEDIUM 6.5 ldb - security update
from 0, < 4.10.17-r0
MEDIUM 6.5 A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in an AD DC configurati…
from 0, < 4.10.17-r0
MEDIUM 6.5 There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x ve…
from 0, < 4.10.12-r0
MEDIUM 6.5 All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3…
from 0, < 4.10.12-r0
MEDIUM 6.5 samba - security update
from 0, < 4.10.10-r0
MEDIUM 6.5 Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD DC LDAP server Denial of Service.
from 0, < 4.10.5-r0
MEDIUM 6.5 Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer dereference, leading to Denial of Service.
from 0, < 4.10.5-r0
MEDIUM 6.5 Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service.
from 0, < 4.8.7-r0
MEDIUM 6.5 Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service.
from 0, < 4.8.7-r0
MEDIUM 6.5 samba - security update
from 0, < 4.8.11-r0
MEDIUM 6.5 samba - security update
from 0, < 4.2.14-r1
MEDIUM 6.5 The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks.
from 0, < 4.8.4-r0
MEDIUM 6.5 A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer.
from 0, < 4.8.4-r0
MEDIUM 6.5 A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server.
from 0, < 4.8.4-r0
MEDIUM 6.5 Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate)…
from 0, < 4.2.14-r1
MEDIUM 5.9 samba - security update
from 0, < 4.13.17-r0
MEDIUM 5.9 Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-defaul…
from 0, < 4.8.7-r0
MEDIUM 5.5 In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.
from 0, < 4.17.0-r0
MEDIUM 5.5 A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1.
from 0, < 4.11.16-r0
MEDIUM 5.4 A flaw was found in the Samba AD LDAP server.
from 0, < 4.14.14-r0
MEDIUM 5.4 There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before…
from 0, < 4.10.12-r0
MEDIUM 5.4 heimdal - security update
from 0, < 4.10.11-r0
MEDIUM 5.4 A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user…
from 0, < 4.10.10-r0
MEDIUM 5.4 samba - security update
from 0, < 4.8.11-r0
MEDIUM 5.3 A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control.
from 0, < 4.10.15-r0
MEDIUM 5.3 All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RP…
from 0, < 4.10.11-r0
MEDIUM 4.9 A flaw was found in Samba.
from 0, < 4.21.6-r0
MEDIUM 4.9 A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10.
from 0, < 4.10.10-r0
MEDIUM 4.3 samba - security update
from 0, < 4.21.9-r0
MEDIUM 4.3 A flaw was found in Samba.
from 0, < 4.18.1-r0
MEDIUM 4.3 An information leak vulnerability was discovered in Samba's LDAP server.
from 0, < 4.18.9-r0
MEDIUM 4.3 A flaw was found in Samba.
from 0, < 4.14.14-r0
MEDIUM 4.3 All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exist…
from 0, < 4.15.5-r0
MEDIUM 4.3 samba - security update
from 0, < 4.11.16-r0
MEDIUM 4.3 samba - security update
from 0, < 4.7.6-r0
LOW 2.5 All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in…
from 0, < 4.13.17-r0