Lucene search
K

468 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:55 a.m.7 views

CVE-2011-5078

The web administration interface in the server in Sybase M-Business Anywhere 6.7 before ESD 3 and 7.0 before ESD 7 does not require admin authentication for unspecified scripts, which allows remote authenticated users to list or delete user accounts, modify passwords, or read log files via HTTP...

6.5CVSS6.9AI score0.01117EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:21 a.m.13 views

CVE-2011-2474

Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.\../\../\ sequence in a path...

5CVSS6.9AI score0.63612EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:12 a.m.23 views

CVE-2012-4340

Cross-site scripting XSS vulnerability in Sybase EAServer before 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00931EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:34 a.m.9 views

CVE-2013-6866

SAP Sybase Adaptive Server Enterprise ASE before 15.0.3 ESD4.3, 15.5 before 15.5 ESD5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka CR736689...

9CVSS7.8AI score0.03147EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:28 a.m.6 views

CVE-2013-6861

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise ASE 15.0.3 before 15.0.3 ESD4.3, 15.5 before 15.5 ESD5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via unspecified vectors...

4.9CVSS6.2AI score0.00332EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:25 p.m.11 views

CVE-2002-1861

Sybase Enterprise Application Server 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot "WEB-INF."...

5CVSS7AI score0.02119EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:16 p.m.12 views

CVE-2009-2899

The monitor perl script in the Sybase database plug-in in SpringSource Hyperic HQ before 4.3 allows local users to obtain the database password by listing the process and its arguments...

2.1CVSS6.6AI score0.00375EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:22 p.m.7 views

CVE-1999-0695

The Sybase PowerDynamo personal web server allows attackers to read arbitrary files through a .. dot dot attack...

5CVSS6.9AI score0.01096EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.225 views

Sybase Easerver 6.3 Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sybase Easerver 6.3 Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability found in Sybase EAserver's...

5CVSS7AI score0.63612EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2022/10/24 12:0 a.m.17 views

Sybase DB Compliance Checks

Binary data sybasedbcompliancecheck.nbin...

7.3AI score
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2022/01/12 12:0 a.m.5 views

VulnCheck KEV: CVE-2011-2474

Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.../../\ sequence in a path...

5CVSS5.9AI score0.63612EPSS
Exploits2References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/07/15 7:7 p.m.12 views

Security Bulletin: IBM Data Replication Support Tool Information Collection on Sybase Platform

Summary This bulletin covers an incorrect behaviour of the Support Information tool running against Sybase databases where the tool may capture database credential information in support traces. Vulnerability Details Third Party Entry: PSIRT-ADV0024332 DESCRIPTION: Created from Advisory: ADV00243...

Exploits0Affected Software1
Kitploit
Kitploit
added 2020/09/07 2:38 a.m.220 views

SQLMap v1.4.9 - Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...

8.5AI score
Exploits0References9
The Hacker News
The Hacker News
added 2020/06/03 12:56 p.m.7 views

Newly Patched SAP ASE Flaws Could Let Attackers Hack Database Servers

A new set of critical vulnerabilities uncovered in SAP's Sybase database software can grant unprivileged attackers complete control over a targeted database and even the underlying operating system in certain scenarios. The six flaws, disclosed by cybersecurity firm Trustwave today, reside in...

9.1CVSS7.7AI score0.01888EPSS
Exploits0
The Hacker News
The Hacker News
added 2020/06/03 12:56 p.m.58 views

Newly Patched SAP ASE Flaws Could Let Attackers Hack Database Servers

A new set of critical vulnerabilities uncovered in SAP's Sybase database software can grant unprivileged attackers complete control over a targeted database and even the underlying operating system in certain scenarios. The six flaws, disclosed by cybersecurity firm Trustwave today, reside in...

9.1CVSS8.2AI score0.01888EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/01/09 12:0 a.m.8 views

Fedora Update for freetds FEDORA-2019-b67929609d

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/12/16 12:0 a.m.16 views

Sybase ASE Login Possible

Binary data sybaselogin.nbin...

7.3AI score
Exploits0References1
Fedora
Fedora
added 2019/11/18 1:52 a.m.18 views

[SECURITY] Fedora 29 Update: freetds-1.1.20-1.fc29

FreeTDS is a project to document and implement the TDS Tabular DataStream protocol. TDS is used by SybaseTM and MicrosoftTM for client to database server communications. FreeTDS includes call level interfaces for DB-Lib, CT-Lib, and ODBC...

2AI score
Exploits0
Fedora
Fedora
added 2019/11/18 1:19 a.m.11 views

[SECURITY] Fedora 30 Update: freetds-1.1.20-1.fc30

FreeTDS is a project to document and implement the TDS Tabular DataStream protocol. TDS is used by SybaseTM and MicrosoftTM for client to database server communications. FreeTDS includes call level interfaces for DB-Lib, CT-Lib, and ODBC...

2AI score
Exploits0
Fedora
Fedora
added 2019/11/17 1:32 a.m.15 views

[SECURITY] Fedora 31 Update: freetds-1.1.20-1.fc31

FreeTDS is a project to document and implement the TDS Tabular DataStream protocol. TDS is used by SybaseTM and MicrosoftTM for client to database server communications. FreeTDS includes call level interfaces for DB-Lib, CT-Lib, and ODBC...

2AI score
Exploits0
Rows per page
Query Builder