CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2013-6861
https://notcve.org/view.php?id=CVE-2013-6861
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via unspecified vectors. Vulnerabilidad no especificada en SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 anterior a 15.0.3 ESD#4.3, 15.5 anterior a 15.5 ESD#5.3, y 15.7 anterior a 15.7 SP50 o 15.7 SP100 permite a usuarios locales obtener información sensible a través de vectores no especificados. • http://scn.sap.com/docs/DOC-8218 http://secunia.com/advisories/55537 http://www.sybase.com/detail?id=1099371 https://service.sap.com/sap/support/notes/1809246 •
CVSS: 4.0EPSS: 5%CPEs: 1EXPL: 1CVE-2013-6025 – SAP Sybase Adaptive Server Enterprise - XML External Entity Information Disclosure
https://notcve.org/view.php?id=CVE-2013-6025
The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 ESD 2 allows remote authenticated users to read arbitrary files via a SQL statement containing an XML document with an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. El procedimiento XMLParse en SAP Sybase Adaptive Server Enterprise (ASE) 15.7 ESD 2 permite a los usuarios remotos autenticados leer archivos arbitrarios a través de una declaración SQL que contenga un documento XML con una declaración de una entidad externa, relacionada con una referencia de entidad, en relación con un problema XML External Entity (XXE). SAP Sybase Adaptive Server Enterprise suffers from an XXE injection vulnerability. • https://www.exploit-db.com/exploits/38805 http://secunia.com/advisories/55377 http://www.kb.cert.org/vuls/id/303900 http://www.securityfocus.com/bid/63193 http://www.securitytracker.com/id/1029208 https://exchange.xforce.ibmcloud.com/vulnerabilities/88105 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.0EPSS: 1%CPEs: 29EXPL: 0CVE-2005-0942
https://notcve.org/view.php?id=CVE-2005-0942
The XP Server process (xp_server) in Sybase Adaptive Server Enterprise (ASE) XP Server 12.x before 12.5.3 ESD#1 allows attackers to cause a denial of service (process crash) via malformed data sent to the XP Server TCP port. • http://archives.neohapsis.com/archives/bugtraq/2004-12/0315.html http://marc.info/?l=bugtraq&m=111272918117194&w=2 http://secunia.com/advisories/13632 http://www.ngssoftware.com/advisories/sybase-ase.txt http://www.securityfocus.com/archive/1/393851 http://www.securityfocus.com/bid/12080 http://www.sybase.com/detail/1%2C6904%2C1033894%2C00.html http://www.sybase.com/detail?id=1034520 http://www.sybase.com/detail?id=1034752 https://exchange.xforce.ibmcloud.com/vulnerabilities&# •
CVSS: 10.0EPSS: 14%CPEs: 29EXPL: 0CVE-2005-0441
https://notcve.org/view.php?id=CVE-2005-0441
Multiple stack-based buffer overflows in Sybase Adaptive Server Enterprise (ASE) 12.x before 12.5.3 ESD#1 allow remote authenticated users to execute arbitrary code via the (1) attrib_valid function, (2) covert function, (3) declare statement, or (4) a crafted query plan, or remote authenticated users with database owner or "sa" role privileges to execute arbitrary code via (5) a crafted install java statement. • http://archives.neohapsis.com/archives/bugtraq/2004-12/0315.html http://marc.info/?l=bugtraq&m=111272918117194&w=2 http://secunia.com/advisories/13632 http://www.ngssoftware.com/advisories/sybase-ase.txt http://www.securityfocus.com/archive/1/393851 http://www.securityfocus.com/bid/12080 http://www.sybase.com/detail/1%2C6904%2C1033894%2C00.html http://www.sybase.com/detail?id=1034520 http://www.sybase.com/detail?id=1034752 https://exchange.xforce.ibmcloud.com/vulnerabilities&# •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0327
https://notcve.org/view.php?id=CVE-2003-0327
Sybase Adaptive Server Enterprise (ASE) 12.5 allows remote attackers to cause a denial of service (hang) via a remote password array with an invalid length, which triggers a heap-based buffer overflow. Sybase Adaptive Serve Enterprise (ASE) 12.5 permite a atacantes remotos causar una denegación de servicio (cuelgue) mediante una contraseña remota con una longitud inválida, lo que dispara un desbordamiento de búfer en el montón. • http://marc.info/?l=bugtraq&m=106936096103805&w=2 http://www.rapid7.com/advisories/R7-0016.html https://exchange.xforce.ibmcloud.com/vulnerabilities/13800 •