Lucene search
K

468 matches found

Prion
Prion
added 2015/04/01 2:59 p.m.15 views

Design/Logic Flaw

SAP Sybase SQL Anywhere 11 and 16 allows remote attackers to cause a denial of service crash via a crafted request, aka SAP Security Note 2108161...

5CVSS7.7AI score0.02444EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2015/04/01 2:0 p.m.57 views

CVE-2015-2819

CVE-2015-2819 affects SAP Sybase SQL Anywhere 11 and 16. An anonymous, remotely exploitable DoS can be triggered by a crafted request, crashing the server. ERPScan’s advisory (ERPSCAN-15-010) and SAP Security Note 2108161 describe the vulnerability and remediation. A PoC is included in the adviso...

5CVSS9AI score0.02444EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2015/04/01 2:0 p.m.33 views

CVE-2015-2819

SAP Sybase SQL Anywhere 11 and 16 allows remote attackers to cause a denial of service crash via a crafted request, aka SAP Security Note 2108161...

9.2AI score0.02444EPSS
Exploits0References5
Prion
Prion
added 2015/01/22 4:59 p.m.13 views

Sql injection

SQL injection vulnerability in SAP Adaptive Server Enterprise Sybase ASE allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Note 2113333. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

7.5CVSS8.8AI score0.01178EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/01/22 4:0 p.m.19 views

CVE-2015-1310

SQL injection vulnerability in SAP Adaptive Server Enterprise Sybase ASE allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Note 2113333. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

8.1AI score0.01178EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2014/12/23 12:0 a.m.57 views

ObSecure ObSecure360 Unauthenticated SQL Injection

ObSecure ObSecure360 Unauthenticated SQL Injection Vulnerability Release Date: 23-Dec-2014 Software: ObSecure 360 http://obsecure.com.au/Solutions.html "obsecure is an innovative cyber security software company that provides high security information distribution and transfer solutions that take...

0.2AI score
Exploits0
erpscan
erpscan
added 2014/09/12 12:0 a.m.122 views

Sybase SQL Anywhere 11 and 16 - DoS

Application: Sybase SQL Anywhere 11 and 16 Vendor URL: Bugs: DoS Reported: 09.12.2014 Vendor response: 10.12.2014 Date of Public Advisory: 15.03.2015 Reference: SAP Security Note 2108161 Authors: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: DoS CWE-122 Impact: DoS Remotely Exploitabl...

5CVSS9.6AI score0.02444EPSS
Exploits0
erpscan
erpscan
added 2014/09/12 12:0 a.m.47 views

SAP Afaria 7 XcListener - Missing authorization check

Application: SAP Afaria 7.0.6001.5 Vendor URL: http://www.sap.com Bugs: Missing authorization check Reported: 09.12.2014 Vendor response: 10.12.2014 Date of Public Advisory: 15.03.2015 Reference: SAP Security Note 2134905 Authors: Vahagn Vardanyan ERPScan Vulnerability information Class: DoS...

7.5CVSS2AI score0.02582EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/07/16 12:0 a.m.14 views

SAP Sybase Event Stream Processor esp_parse Remote Code Execution (CVE-2014-3457)

Two unsafe pointer dereference vulnerabilities have been reported in SAP Sybase Event Stream Processor ESP. These vulnerabilities are caused by the listening service accepting unsanitized pointers in XMLRPC requests. A remote attacker can leverage these vulnerabilities by sending crafted requests...

3.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/07/10 12:0 a.m.3 views

SAP Sybase Event Stream Processor esp_parse ConnectionType Unsafe Pointer Dereference (CVE-2014-3458)

Five unsafe pointer dereference vulnerabilities have been reported in SAP Sybase Event Stream Processor ESP. These vulnerabilities are caused by the listening service accepting unsanitized pointers in XMLRPC requests. By sending crafted requests to a vulnerable server, an remote attacker can caus...

2.8AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Sybase MobiLink 10.0.1.3629 - Multiple Heap Buffer Overflow Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/27914/info Sybase MobiLink is prone to multiple heap-based buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied data. A successful exploit will allow remote...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Sybase EAServer 6.3.1 - Multiple Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Sybase Advantage Data Architect - "*.SQL" Format Heap Oveflow

No description provided by source. Exploit Title: Sybase Advantage Data Architect .SQL Format Heap Oveflow RCE Date: 2010-10-16 Author: d0lc3 @rmallof - http://elotrolad0.blogspot.com/ Software Link: http://www.sybase.com/products/databasemanagement/advantagedatabaseserver/data-architect-utility...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Sybase EAServer 5.2 - Remote Stack Buffer Overflow

No description provided by source. $Id: sybaseeaserver.rb 9583 2010-06-22 19:11:05Z todb $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...

7.1AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2014/05/22 12:0 a.m.23 views

(0Day) SAP Sybase ESP esp_parse ConnectionType.getName Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Sybase ESP. User interaction is not required to exploit this vulnerability. The specific flaw exists within the ConnectionType.getName function in espserverlib.dll. By sending specific argument...

7.5CVSS7.3AI score
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2014/05/22 12:0 a.m.23 views

(0Day) SAP Sybase ESP esp_parse ConnectionType.getXmlDescription Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Sybase ESP. User interaction is not required to exploit this vulnerability. The specific flaw exists within the ConnectionType.getXmlDescription function in espparse.exe. By sending specific...

7.5CVSS7.3AI score
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2014/05/22 12:0 a.m.19 views

(0Day) SAP Sybase ESP esp_parse ConnectionType.isInput Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Sybase ESP. User interaction is not required to exploit this vulnerability. The specific flaw exists within the ConnectionType.isInput function in espserverlib.dll. By sending specific argument...

7.5CVSS7.3AI score
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2014/05/22 12:0 a.m.27 views

(0Day) SAP Sybase ESP esp_parse Connection.getError Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Sybase ESP. User interaction is not required to exploit this vulnerability. The specific flaw exists within the Connection.getError function in espserverlib.dll. By sending specific arguments t...

7.5CVSS7.3AI score
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2014/05/22 12:0 a.m.21 views

(0Day) SAP Sybase ESP esp_parse Connection.setParams Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Sybase ESP. User interaction is not required to exploit this vulnerability. The specific flaw exists within the Connection.setParams function in espserverlib.dll. By sending specific arguments ...

7.5CVSS7.3AI score
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2014/05/22 12:0 a.m.25 views

(0Day) SAP Sybase ESP esp_parse Connection.reset Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Sybase ESP. User interaction is not required to exploit this vulnerability. The specific flaw exists within the Connection.reset function in espserverlib.dll. By sending specific arguments to t...

7.5CVSS7.3AI score
Exploits0References2
Rows per page
Query Builder