Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2020-1472 | 9.3 |
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability
|
23-05-2024 - 17:56 | 17-08-2020 - 19:15 | |
CVE-2019-14907 | 2.6 |
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such st
|
14-09-2023 - 17:15 | 21-01-2020 - 18:15 | |
CVE-2019-10218 | 4.3 |
A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB
|
14-09-2023 - 17:15 | 06-11-2019 - 10:15 | |
CVE-2017-12163 | 4.8 |
An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to
|
12-02-2023 - 23:27 | 26-07-2018 - 16:29 | |
CVE-2018-1139 | 4.3 |
A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between
|
29-08-2022 - 20:43 | 22-08-2018 - 14:29 | |
CVE-2017-15275 | 5.0 |
Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.
|
29-08-2022 - 20:43 | 27-11-2017 - 22:29 | |
CVE-2017-2619 | 6.0 |
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
|
29-08-2022 - 20:20 | 12-03-2018 - 15:29 | |
CVE-2019-3880 | 5.5 |
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation
|
29-08-2022 - 20:02 | 09-04-2019 - 16:29 | |
CVE-2017-7494 | 10.0 |
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
|
16-08-2022 - 13:02 | 30-05-2017 - 18:29 | |
CVE-2020-1472 | 9.3 |
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
|
28-09-2020 - 13:48 | 17-08-2020 - 19:15 | |
CVE-2017-9461 | 6.8 |
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.
|
03-10-2019 - 00:03 | 06-06-2017 - 21:29 |