CVE-2022-45141 |
AVG-2828 |
Unknown |
Unknown |
Unknown |
Unknown |
CVE-2022-42898 |
AVG-2828 |
Unknown |
Unknown |
Unknown |
Unknown |
CVE-2022-38023 |
AVG-2828 |
Unknown |
Unknown |
Unknown |
Unknown |
CVE-2022-37967 |
AVG-2828 |
Unknown |
Unknown |
Unknown |
Unknown |
CVE-2022-37966 |
AVG-2828 |
Unknown |
Unknown |
Unknown |
Unknown |
CVE-2022-32746 |
AVG-2782 |
Medium |
Yes |
Arbitrary code execution |
Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request. |
CVE-2022-32745 |
AVG-2782 |
Medium |
Yes |
Unknown |
Samba AD users can crash the server process with an LDAP add or modify request. |
CVE-2022-32744 |
AVG-2782 |
High |
Yes |
Authentication bypass |
Samba AD users can forge password change requests for any user. |
CVE-2022-32742 |
AVG-2782 |
Medium |
Yes |
Information disclosure |
Server memory information leak via SMB1. |
CVE-2022-3492 |
AVG-2828 |
Unknown |
Unknown |
Unknown |
Unknown |
CVE-2022-3437 |
AVG-2828 |
Unknown |
Unknown |
Unknown |
Unknown |
CVE-2022-2031 |
AVG-2782 |
Medium |
Yes |
Access restriction bypass |
Samba AD users can bypass certain restrictions associated with changing passwords. |
CVE-2022-0336 |
AVG-2648 |
Medium |
No |
Access restriction bypass |
The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the... |
CVE-2021-44142 |
AVG-2648 |
Critical |
Yes |
Arbitrary code execution |
All versions of Samba prior to 4.13.17 are vulnerable to an out-of- bounds heap read write vulnerability that allows remote attackers to execute arbitrary... |
CVE-2021-44141 |
AVG-2648 |
Medium |
No |
Information disclosure |
All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of... |
CVE-2021-23192 |
AVG-2538 |
Medium |
Yes |
Insufficient validation |
A security issue has been found in Samba versions 4.10.0 to 4.15.1. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment... |
CVE-2021-20277 |
AVG-1732 |
Medium |
Yes |
Information disclosure |
A security issue has been found in Samba before version 4.14.2. A string in an LDAP attribute that contains multiple consecutive leading spaces can lead to... |
CVE-2021-20254 |
AVG-1893 |
Medium |
Yes |
Access restriction bypass |
A security issue has been found in all versions of the Samba file server since Samba 3.6.0. A coding error converting SIDs to gids could allow unexpected... |
CVE-2021-3738 |
AVG-2538 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in Samba versions 4.0.0 to 4.15.1. The AD DC RPC server can use memory that was free()ed when a sub- connection is closed. |
CVE-2021-3671 |
AVG-2418 |
Low |
Yes |
Denial of service |
In Samba before version 4.15.0, an unauthenticated user can crash the AD DC KDC by omitting the server name in a TGS-REQ. |
CVE-2020-27840 |
AVG-1732 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in Samba before version 4.14.2. A DN may be represented in string form with arbitrary amounts of space around the component... |
CVE-2020-25722 |
AVG-2538 |
Medium |
Yes |
Insufficient validation |
A security issue has been found in Samba versions 4.0.0 to 4.15.1. At a number of points in the Samba AD DC per-attribute and schema based permission checks... |
CVE-2020-25721 |
AVG-2538 |
Medium |
Yes |
Privilege escalation |
A security issue has been found in Samba versions 4.0.0 to 4.15.1. Samba as an AD DC did not provide a way for Linux applications to obtain a reliable SID... |
CVE-2020-25719 |
AVG-2538 |
Medium |
Yes |
Privilege escalation |
A security issue has been found in Samba versions 4.0.0 to 4.15.1. The Samba AD DC, could become confused about the user a ticket represents if it did not... |
CVE-2020-25718 |
AVG-2538 |
Medium |
Yes |
Privilege escalation |
A security issue has been found in Samba versions 4.0.0 to 4.15.1. The Samba AD DC, when joined by an RODC, did not confirm if the RODC was allowed to print... |
CVE-2020-25717 |
AVG-2538 |
Medium |
Yes |
Privilege escalation |
A security issue has been found in Samba versions 3.0.0 to 4.15.1. Samba may map domain users to local users in an undesired way. |
CVE-2020-14303 |
AVG-1202 |
High |
Yes |
Denial of service |
A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. A samba user could send an empty UDP packet... |
CVE-2020-10760 |
AVG-1202 |
High |
Yes |
Denial of service |
A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. A Samba LDAP... |
CVE-2020-10745 |
AVG-1202 |
Medium |
Yes |
Denial of service |
A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP and DNS paclets. This... |
CVE-2020-10730 |
AVG-1202 |
High |
Yes |
Denial of service |
A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4.... |
CVE-2020-1472 |
AVG-1236 |
Medium |
Yes |
Access restriction bypass |
A flaw was found in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC), where it reuses a known, static, zero-value initialization vector (IV) in... |
CVE-2019-14847 |
AVG-1057 |
Low |
Yes |
Denial of service |
A denial of service has been found in Samba before 4.10.10, where users with the "get changes" extended access right can crash the AD DC LDAP server by... |
CVE-2019-14833 |
AVG-1057 |
Medium |
Yes |
Insufficient validation |
A security issue has been found in Samba before 4.10.10, where the check password script does not receive the full password string when the password... |
CVE-2019-10218 |
AVG-1057 |
Medium |
Yes |
Arbitrary filesystem access |
An issue has been found in Samba before 4.10.10 where a malicious server can craft a pathname containing separators and return this to client code, causing... |
CVE-2018-16857 |
AVG-823 |
Low |
Yes |
Access restriction bypass |
A security issue has been found in samba from 4.9.0 up to and including 4.9.2, where AD DC Configurations watching for bad passwords to restrict brute... |
CVE-2018-16853 |
AVG-823 |
Medium |
Yes |
Denial of service |
A denial of service has been found in samba from 4.7.0 up to and including 4.9.2, where a user in a Samba AD domain can crash the MIT KDC by requesting an... |
CVE-2018-16852 |
AVG-823 |
Medium |
Yes |
Denial of service |
A NULL pointer de-reference issue has been found in samba from 4.9.0 up to and including 4.9.2, where a user able to create or modify dnsZone objects can... |
CVE-2018-16851 |
AVG-823 |
Medium |
Yes |
Denial of service |
A NULL pointer de-reference issue has been found in samba from 4.0.0 up to and including 4.9.2, where a user able to read more than 256MB of LDAP entries... |
CVE-2018-16841 |
AVG-823 |
High |
Yes |
Denial of service |
A double-free issue has been found in samba from 4.3.0 up to and including 4.9.2, where a user with a valid certificate or smart card can crash the Samba AD... |
CVE-2018-14629 |
AVG-823 |
Medium |
Yes |
Denial of service |
A denial of service security issue has been found in samba from 4.0.0 up to and including 4.9.2, where an unprivileged user can use the ldbadd tool to add... |
CVE-2018-1057 |
AVG-651 |
Critical |
Yes |
Access restriction bypass |
On a Samba 4 AD DC any authenticated user can change other users' passwords over LDAP, including the passwords of administrative users and service accounts. |
CVE-2018-1050 |
AVG-651 |
Medium |
Yes |
Denial of service |
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external... |
CVE-2017-15275 |
AVG-535 |
Medium |
Yes |
Information disclosure |
A memory disclosure flaw was found in samba. An attacker could retrieve parts of server memory, which could contain potentially sensitive data, by sending... |
CVE-2017-14746 |
AVG-535 |
High |
Yes |
Arbitrary code execution |
A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially-crafted SMB1... |
CVE-2017-7494 |
AVG-279 |
High |
Yes |
Arbitrary code execution |
All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to... |
CVE-2016-2126 |
AVG-111 |
Medium |
Yes |
Privilege escalation |
A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket due to incorrect handling of the PAC checksum.... |
CVE-2016-2125 |
AVG-111 |
Medium |
Yes |
Authentication bypass |
Samba client code always requests a forwardable ticket when using Kerberos authentication. This means the target server, which must be in the current or... |
CVE-2016-2123 |
AVG-111 |
Critical |
Yes |
Arbitrary code execution |
The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name parses data... |