Samba CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2002-1318	4 Hp, Redhat, Samba and 1 more	4 Cifs-9000 Server, Linux, Samba and 1 more	2025-04-03	N/A
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.
CVE-2004-0930	5 Conectiva, Gentoo, Redhat and 2 more	8 Linux, Linux, Enterprise Linux and 5 more	2025-04-03	N/A
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
CVE-2004-0807	6 Conectiva, Mandrakesoft, Redhat and 3 more	6 Linux, Mandrake Linux, Enterprise Linux and 3 more	2025-04-03	N/A
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.

Page 1 of 1.