Samba 4.17.12

CPE Details

Samba 4.17.12
samba
samba
4.17.12
2023-11-13
11h31 +00:00
2023-11-13
11h31 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:samba:samba:4.17.12:*:*:*:*:*:*:*

Informations

Vendor

samba

Product

samba

Version

4.17.12

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-5568 2023-10-24 21h56 +00:00 A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service.
6.5
Medium
CVE-2018-14628 2023-01-17 00h00 +00:00 An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.
4.3
Medium
CVE-2022-1615 2022-08-31 22h00 +00:00 In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.
5.5
Medium
CVE-2022-32743 2022-08-31 22h00 +00:00 Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
7.5
High
CVE-2021-3670 2022-08-23 15h50 +00:00 MaxQueryDuration not honoured in Samba AD DC LDAP
6.5
Medium
CVE-2011-2411 2011-10-02 20h00 +00:00 Unspecified vulnerability on HP NonStop Servers with software H06.x through H06.23.00 and J06.x through J06.12.00, when Samba is used, allows remote authenticated users to execute arbitrary code via unknown vectors.
9
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.