Lucene search
K
SybaseAdaptive Server Enterprise

21 matches found

CVE
CVE
added 2013/10/19 10:0 a.m.54 views

CVE-2013-6025

CVE-2013-6025 concerns XMLExternalEntity (XXE) processing in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 ESD 2. The XMLParse procedure lets remote authenticated users read arbitrary files via a crafted XML document containing an external entity declaration. Affected product/version: SAP ASE ...

4CVSS6.7AI score0.08201EPSS
CVE
CVE
added 2017/01/23 9:0 p.m.53 views

CVE-2017-5371

CVE-2017-5371 affects SAP ASE OData Server (SAP ASE 16) and was disclosed as a Denial of Service vulnerability. The issue arises when processing crafted requests sent over the network to the OData service, which can crash the SAP ASE OData Server process. Public advisories (ERPScan/SAP Security N...

7.5CVSS7.2AI score0.03751EPSS
CVE
CVE
added 2013/11/23 6:0 p.m.49 views

CVE-2013-6863

SAP Sybase ASE 15.0.3 (pre-ESD 4.3), 15.5 (pre-ESD 5.3), and 15.7 (pre-SP50/SP100) are affected by CVE-2013-6863. The issue allows remote authenticated users to gain privileges via unspecified vectors. The available sources (NVD, Red Hat advisory) provide the affected version ranges and the high-...

9CVSS6.7AI score0.01948EPSS
CVE
CVE
added 2013/11/23 6:0 p.m.48 views

CVE-2013-6866

SAP Sybase ASE is affected prior to 15.0.3 ESD#4.3, prior to 15.5 ESD#5.3, and prior to 15.7 SP50/SP100, where remote authenticated users can execute arbitrary code via unspecified vectors (CR736689). The connected sources confirm these versions and the broad impact described, but do not provide ...

9CVSS7.7AI score0.03147EPSS
CVE
CVE
added 2005/02/15 5:0 a.m.47 views

CVE-2005-0441

Sybase ASE 12.x before 12.5.3 ESD#1 contains multiple stack-based buffer overflows that allow remote authenticated users to execute arbitrary code via (1) attrib_valid, (2) covert, (3) declare, (4) crafted query plan, or (5) crafted install java statement. Affected versions also include ASE

10CVSS7.4AI score0.08549EPSS
CVE
CVE
added 2013/10/24 12:0 a.m.46 views

CVE-2013-6245

SAP Sybase Adaptive Server Enterprise (ASE) is affected by CVE-2013-6245. The vulnerability affects ASE versions prior to 15.0.3 ESD#4.3, 15.5 prior to 15.5 ESD#5.3, and 15.7 prior to 15.7 SP50 or SP100, where remote authenticated users may execute arbitrary code via unspecified vectors. The Ness...

10CVSS7.5AI score0.0466EPSS
CVE
CVE
added 2013/11/23 6:0 p.m.46 views

CVE-2013-6859

The CVE-2013-6859 issue affects SAP Sybase Adaptive Server Enterprise (ASE) versions described as vulnerable before: 15.0.3 ESD#4.3 , 15.5 before 15.5 ESD#5.3 , and 15.7 before 15.7 SP50 or 15.7 SP100 . The root cause is improper authorization, enabling remote authenticated users to gain privileg...

8.5CVSS6.7AI score0.01571EPSS
CVE
CVE
added 2013/11/23 6:0 p.m.46 views

CVE-2013-6868

CVE-2013-6868 affects SAP Sybase ASE: versions 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or SP100. The vulnerability is a local information disclosure, arising from an unspecified vector, allowing local users to obtain sensitive data. The initial descriptio...

7.8CVSS6AI score0.01058EPSS
CVE
CVE
added 2003/12/10 5:0 a.m.45 views

CVE-2003-0327

Sybase ASE 12.5 is vulnerable to a remote DoS via an invalid-length remote password array , which triggers a heap-based overflow in the login handling path. The vulnerability requires a valid login to exploit and can cause the server to hang or become unresponsive (notably in Windows multi-thread...

5CVSS7AI score0.01767EPSS
CVE
CVE
added 2013/11/23 6:0 p.m.45 views

CVE-2013-6860

Technical details about CVE-2013-6860 are not publicly available in the provided documents. Monitor for updates; current information is limited to a generic description of affected SAP ASE versions and unspecified vectors.

6.8CVSS5.9AI score0.01281EPSS
CVE
CVE
added 2005/04/03 5:0 a.m.44 views

CVE-2005-0942

Affected software: Sybase Adaptive Server Enterprise (ASE) XP Server 12.x. Vulnerable component: XP Server process (xp_server). Root cause: Denial of service caused by processing malformed data sent to the XP Server TCP port, leading to a process crash. Impact: Availability loss for the XP Server...

5CVSS6.8AI score0.02028EPSS
CVE
CVE
added 2015/01/22 4:0 p.m.44 views

CVE-2015-1310

CVE-2015-1310 describes a SQL injection vulnerability in SAP Adaptive Server Enterprise (Sybase ASE). The affected product is SAP ASE, and the vulnerability allows remote attackers to execute arbitrary SQL commands via unspecified vectors (as noted alongside SAP Note 2113333). The public descript...

7.5CVSS8.3AI score0.01178EPSS
CVE
CVE
added 2015/06/08 2:0 p.m.43 views

CVE-2014-6284

CVE-2014-6284 affects SAP Sybase ASE prior to 15.7 SP132 and 16.0 prior to 16.0 SP01. The issue lets remote attackers bypass the challenge–response mechanism and obtain access to the probe account via a crafted response (SAP Security Note 2113995). The cited notes describe a security bypass in th...

7.5CVSS6.8AI score0.01817EPSS
CVE
CVE
added 2013/11/23 6:0 p.m.41 views

CVE-2013-6865

CVE-2013-6865 affects SAP Sybase Adaptive Server Enterprise (ASE) versions 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or SP100. The description: remote authenticated users can execute arbitrary code via unspecified vectors (CR732989). The connected Red Hat, ...

9CVSS7.7AI score0.03147EPSS
CVE
CVE
added 2018/04/24 8:0 p.m.41 views

CVE-2013-7245

The CVE-2013-7245 issue affects SAP Sybase ASE 15.7 Backup Server component prior to SP51. The root cause is a failure to validate credentials, allowing remote attackers to bypass access restrictions and perform database dumps. Impact is exposure of data via unauthorized dumps; no exploitation de...

7.5CVSS7.5AI score0.01468EPSS
CVE
CVE
added 2013/11/23 6:0 p.m.40 views

CVE-2013-6861

Technical details about CVE-2013-6861 are not provided in the supplied documents. No specific affected products, versions, root cause, impact, or fixes are disclosed here. Monitor sources for updates.

4.9CVSS5.9AI score0.00332EPSS
CVE
CVE
added 2013/11/23 6:0 p.m.40 views

CVE-2013-6867

The vulnerability (CVE-2013-6867) affects SAP Sybase Adaptive Server Enterprise (ASE) 15.7 before 15.7 SP50 or 15.7 SP100. Root cause not disclosed in provided sources; exploitation targets remote systems to cause a denial of service via unspecified vectors. No exploits or in‑the‑wild details are...

7.1CVSS6.9AI score0.01548EPSS
CVE
CVE
added 2016/11/03 10:0 a.m.40 views

CVE-2016-7402

CVE-2016-7402 affects SAP ASE 16.0 SP02 PL03 and earlier. The vulnerability is a SQL injection in dbcc import_sproc that allows attackers who control SourceDB and TargetDB to elevate privileges to sa (system administrator). Root cause is the dbcc import_sproc path; impact is privilege escalation ...

9.8CVSS9.8AI score0.01066EPSS
CVE
CVE
added 2013/11/23 6:0 p.m.39 views

CVE-2013-6862

CVE-2013-6862 affects SAP Sybase Adaptive Server Enterprise (ASE) prior to 15.0.3 ESD#4.3, 15.5 prior to 15.5 ESD#5.3, and 15.7 prior to 15.7 SP50 or SP100. The issue is a remote, unauthenticated DoS vulnerability caused by unspecified vectors that can trigger a condition (per Red Hat/NVD entries...

7.8CVSS6.9AI score0.01333EPSS
CVE
CVE
added 2014/10/17 11:0 p.m.38 views

CVE-2014-6283

SAP Adaptive Server Enterprise (ASE) versions affected: 15.7 before SP122 or SP63, 15.5 before ESD#5.4, and 15.0.3 before ESD#4.4. The issue arises from insufficient access restrictions, allowing remote authenticated database users to (1) overwrite the master encryption key or (2) trigger a buffe...

6.5CVSS7AI score0.01148EPSS
CVE
CVE
added 2013/11/23 6:0 p.m.35 views

CVE-2013-6864

CVE-2013-6864 affects SAP Sybase ASE: vulnerable versions include 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or SP100. The issue is a directory traversal in ASE that remote authenticated users can leverage to impact confidentiality, integrity, and availabili...

6.1CVSS6.4AI score0.01452EPSS