pkg:Alpine/samba
90 CVEs in total: CRITICAL 6, HIGH 36, MEDIUM 47, LOW 1
✅ Check your version
All known vulnerabilities
- from 0, < 4.2.14-r3
- from 0, < 4.10.18-r0
- CRITICAL 10.0 | CVE-2025-10230 | A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without prope… | from 0, < 4.21.9-r0
- from 0, < 4.18.8-r0
- CRITICAL 9.8 | CVE-2022-45141 | Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is ass… | from 0, < 4.15.13-r0
- from 0, < 4.7.3-r0
- from 0, < 4.10.8-r0
- from 0, < 4.15.12-r0
- HIGH 8.8 | CVE-2022-0336 | The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those alrea… | from 0, < 4.15.12-r0
- from 0, < 4.15.12-r0
- from 0, < 4.14.14-r0
- from 0, < 4.13.17-r0
- HIGH 8.8 | CVE-2021-3738 | In DCE/RPC it is possible to share the handles (cookies for resource state) between multiple connections via a mechanism called 'associatio… | from 0, < 4.13.17-r0
- from 0, < 4.13.17-r0
- HIGH 8.8 | CVE-2020-25722 | Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. | from 0, < 4.13.17-r0
- HIGH 8.8 | CVE-2020-25718 | A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC (read-only domain controller). | from 0, < 4.13.17-r0
- from 0, < 4.2.14-r1
- from 0, < 4.8.4-r0
- HIGH 8.8 | CVE-2018-1057 | On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over L… | from 0, < 4.7.6-r0
- from 0, < 4.22.10-r0
- from 0, < 4.15.13-r0
- from 0, < 4.15.13-r0
- from 0, < 4.14.14-r0
- from 0, < 4.13.17-r0
- HIGH 8.1 | CVE-2018-1139 | A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disa… | from 0, < 4.8.4-r0
- from 0, < 4.2.14-r4
- from 0, < 4.22.10-r0
- HIGH 7.5 | CVE-2022-32743 | Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it. | from 0, < 4.14.14-r0
- from 0, < 4.13.17-r0
- from 0, < 4.12.14-r0
- from 0, < 4.12.14-r0
- HIGH 7.5 | CVE-2020-10745 | A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. | from 0, < 4.10.17-r0
- HIGH 7.5 | CVE-2020-14303 | A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. | from 0, < 4.10.17-r0
- from 0, < 4.10.15-r0
- from 0, < 4.10.3-r0
- from 0, < 4.6.1-r0
- from 0, < 4.7.3-r0
- HIGH 7.4 | CVE-2017-12151 | A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB… | from 0, < 4.7.0-r0
- from 0, < 4.7.0-r0
- from 0, < 4.15.13-r0
- HIGH 7.2 | CVE-2020-25719 | A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. | from 0, < 4.13.17-r0
- HIGH 7.1 | CVE-2026-1933 | A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. | from 0, < 4.22.10-r0
- HIGH 7.1 | CVE-2017-12163 | An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4… | from 0, < 4.7.0-r0
- from 0, < 4.12.15-r0
- from 0, < 4.22.10-r0
- MEDIUM 6.5 | CVE-2023-4154 | A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged us… | from 0, < 4.18.8-r0
- MEDIUM 6.5 | CVE-2023-42669 | A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. | from 0, < 4.18.8-r0
- MEDIUM 6.5 | CVE-2023-4091 | A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samb… | from 0, < 4.18.8-r0
- from 0, < 4.18.8-r0
- MEDIUM 6.5 | CVE-2022-3592 | A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured s… | from 0, < 4.15.12-r0
- MEDIUM 6.5 | CVE-2022-3437 | A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. | from 0, < 4.15.12-r0
- from 0, < 4.15.9-r0
- from 0, < 4.14.8-r0
- from 0, < 4.11.16-r0
- from 0, < 4.10.17-r0
- MEDIUM 6.5 | CVE-2020-10760 | A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configurati… | from 0, < 4.10.17-r0
- MEDIUM 6.5 | CVE-2019-19344 | There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x ve… | from 0, < 4.10.12-r0
- MEDIUM 6.5 | CVE-2019-14907 | All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3… | from 0, < 4.10.12-r0
- from 0, < 4.10.10-r0
- MEDIUM 6.5 | CVE-2019-12436 | Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD DC LDAP server Denial of Service. | from 0, < 4.10.5-r0
- MEDIUM 6.5 | CVE-2019-12435 | Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer dereference, leading to Denial of Service. | from 0, < 4.10.5-r0
- MEDIUM 6.5 | CVE-2018-16851 | Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. | from 0, < 4.8.7-r0
- MEDIUM 6.5 | CVE-2018-16841 | Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. | from 0, < 4.8.7-r0
- from 0, < 4.8.11-r0
- from 0, < 4.2.14-r1
- MEDIUM 6.5 | CVE-2018-10919 | The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. | from 0, < 4.8.4-r0
- MEDIUM 6.5 | CVE-2018-10918 | A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer. | from 0, < 4.8.4-r0
- MEDIUM 6.5 | CVE-2018-1140 | A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. | from 0, < 4.8.4-r0
- MEDIUM 6.5 | CVE-2016-2126 | Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate)… | from 0, < 4.2.14-r1
- from 0, < 4.13.17-r0
- MEDIUM 5.9 | CVE-2018-16853 | Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-defaul… | from 0, < 4.8.7-r0
- from 0, < 4.17.0-r0
- MEDIUM 5.5 | CVE-2020-14323 | A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. | from 0, < 4.11.16-r0
- from 0, < 4.14.14-r0
- MEDIUM 5.4 | CVE-2019-14902 | There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before… | from 0, < 4.10.12-r0
- from 0, < 4.10.11-r0
- MEDIUM 5.4 | CVE-2019-14833 | A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user… | from 0, < 4.10.10-r0
- from 0, < 4.8.11-r0
- MEDIUM 5.3 | CVE-2020-10700 | A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. | from 0, < 4.10.15-r0
- MEDIUM 5.3 | CVE-2019-14861 | All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RP… | from 0, < 4.10.11-r0
- from 0, < 4.21.6-r0
- MEDIUM 4.9 | CVE-2019-14847 | A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. | from 0, < 4.10.10-r0
- from 0, < 4.21.9-r0
- from 0, < 4.18.1-r0
- from 0, < 4.18.9-r0
- from 0, < 4.14.14-r0
- MEDIUM 4.3 | CVE-2021-44141 | All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exist… | from 0, < 4.15.5-r0
- from 0, < 4.11.16-r0
- from 0, < 4.7.6-r0
- LOW 2.5 | CVE-2021-43566 | All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in… | from 0, < 4.13.17-r0