Lucene search
K

97 matches found

OSV
OSV
added 2016/11/30 8:59 p.m.5 views

CVE-2016-2887

IBM IMS Enterprise Suite Data Provider before 3.2.0.1 for Microsoft .NET allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors...

8.1CVSS5.8AI score0.00916EPSS
Exploits0References2
Prion
Prion
added 2016/11/30 8:59 p.m.19 views

Design/Logic Flaw

IBM IMS Enterprise Suite Data Provider before 3.2.0.1 for Microsoft .NET allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors...

5.5CVSS6AI score0.00916EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2016/11/30 8:0 p.m.37 views

CVE-2016-2887

Summary: IBM IMS Enterprise Suite Data Provider for Microsoft .NET (part of IMS) is vulnerable before version 3.2.0.1. The issue affects 3.2.0.0 and earlier and allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. Impact (as stated): informatio...

8.1CVSS7.1AI score0.00916EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2016/11/30 8:0 p.m.21 views

CVE-2016-2887

IBM IMS Enterprise Suite Data Provider before 3.2.0.1 for Microsoft .NET allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors...

7.4AI score0.00916EPSS
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2015/02/09 12:0 a.m.41 views

SAP SQL Anywhere .NET Data Provider Column Alias Buffer Overflow (CVE-2014-9264)

A buffer overflow vulnerability exists in SAP SQL Anywhere .NET Data Provider. The vulnerability is caused by insufficient boundary checks in the handling of column aliases. If an application allows untrusted input to be used as the column alias in an SQL query, by sending crafted requests to the...

7.5CVSS3.8AI score0.03938EPSS
Exploits1
NVD
NVD
added 2014/12/11 3:59 p.m.29 views

CVE-2014-9264

Stack-based buffer overflow in the .NET Data Provider in SAP SQL Anywhere allows remote attackers to execute arbitrary code via a crafted column alias...

7.5CVSS8.2AI score0.03938EPSS
Exploits1References4
Prion
Prion
added 2014/12/11 3:59 p.m.22 views

Stack overflow

Stack-based buffer overflow in the .NET Data Provider in SAP SQL Anywhere allows remote attackers to execute arbitrary code via a crafted column alias...

7.5CVSS8.9AI score0.03938EPSS
Exploits1References4
CVE
CVE
added 2014/12/11 3:0 p.m.58 views

CVE-2014-9264

SAP SQL Anywhere .NET Data Provider is affected by a stack-based buffer overflow when processing column aliases, allowing remote code execution. The issue arises from insufficient boundary checks in handling of column aliases (as detailed across ZDI advisories ZDI-14-412, ZDI-14-413, ZDI-14-414, ...

7.5CVSS8.4AI score0.03938EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2014/12/11 3:0 p.m.36 views

CVE-2014-9264

Stack-based buffer overflow in the .NET Data Provider in SAP SQL Anywhere allows remote attackers to execute arbitrary code via a crafted column alias...

8.2AI score0.03938EPSS
Exploits1References4
0day.today
0day.today
added 2014/12/10 12:0 a.m.99 views

SAP SQL Anywhere .NET Data Provider Code Execution Vulnerabilities

This allows attackers to execute arbitrary code on applications which pass user provided data to the vulnerable API in SAP SQL Anywhere. The specific flaw exists within the handling of the REPLICATE function. If an application allows untrusted input to be used as the length of a REPLICATE functio...

7.5CVSS7.7AI score0.03938EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2014/12/09 12:0 a.m.34 views

SAP SQL Anywhere .NET Data Provider SPACE Function Heap Overflow Code Execution Vulnerability

This allows attackers to execute arbitrary code on applications which pass user provided data to the vulnerable API in SAP SQL Anywhere. The specific flaw exists within the handling of the SPACE function. If an application allows untrusted input to be used as the length of a SPACE function in a...

7.5CVSS7.7AI score0.03938EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2014/12/09 12:0 a.m.33 views

SAP SQL Anywhere .NET Data Provider Column Alias Stack Buffer Overflow Code Execution Vulnerability

This allows attackers to execute arbitrary code on applications which pass user provided data to the vulnerable API in SAP SQL Anywhere. The specific flaw exists within the handling of column aliases. If an application allows untrusted input to be used as the column alias in a query, even if the...

7.5CVSS7.6AI score0.03938EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2014/12/09 12:0 a.m.39 views

SAP SQL Anywhere .NET Data Provider Malformed Integer Stack Buffer Overflow Code Execution Vulnerability

This allows attackers to execute arbitrary code on applications which pass user provided data to the vulnerable API in SAP SQL Anywhere. The specific flaw exists within the handling of a malformed integer constant. If an application allows untrusted input to be used in a query, even if the input ...

7.5CVSS7.6AI score0.03938EPSS
Exploits1References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Microsoft SQL Server 7.0/2000 JET Database Engine 4.0 Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7541/info Microsoft SQL Server is prone to an exploitable buffer overrun vulnerability via the Jet Database Engine. This can occur while the JET 4.0 OLE DB data provider is querying data supplied via a remote source and i...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/10/07 12:0 a.m.12 views

Fedora 11 : sunbird-1.0-0.7.20090715hg.fc11 / thunderbird-3.0-2.7.b4.fc11 (2009-9911)

The remote Fedora host is missing one or more security updates : sunbird-1.0-0.7.20090715hg.fc11 : - Tue Sep 22 2009 Jan Horak - 1.0-0.7.20090715hg - Sync up with Thunderbird - Tue Aug 18 2009 Lubomir Rintel - 1.0-0.6.20090715hg - Update langpacks - Sun Jun 28 2009 Lubomir Rintel -...

5.6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/07/01 12:0 a.m.37 views

Ingres Data Access Server Detection

The remote service is an Ingres Data Access Server, which translates requests from the JDBC driver and .NET Data Provider into an internal format and forwards them to the appropriate DBMS server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

5.5AI score
Exploits0References1
exploitpack
exploitpack
added 2003/05/09 12:0 a.m.34 views

Microsoft SQL Server 7.02000 JET Database Engine 4.0 - Buffer Overrun

Microsoft SQL Server 7.02000 JET Database Engine 4.0 - Buffer Overrun source: https://www.securityfocus.com/bid/7541/info Microsoft SQL Server is prone to an exploitable buffer overrun vulnerability via the Jet Database Engine. This can occur while the JET 4.0 OLE DB data provider is querying dat...

8AI score
Exploits0
Rows per page
Query Builder