Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
adaptive server enterprise vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-6259
Under certain conditions SAP Adaptive Server Enterprise, versions 15.7, 16.0, allows an malicious user to access information which would otherwise be restricted leading to Missing Authorization Check.
Sap Adaptive Server Enterprise 15.7
Sap Adaptive Server Enterprise 16.0
3.5
CVSSv3
CVE-2020-6317
In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. This information although sensitive is of limited utility and cannot be used to further a...
Sap Adaptive Server Enterprise 15.7
Sap Adaptive Server Enterprise 16.0
9.8
CVSSv3
CVE-2016-7402
SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own SourceDB and TargetDB databases to elevate privileges to sa (system administrator) via dbcc import_sproc SQL injection.
Sybase Adaptive Server Enterprise
NA
CVE-2013-6245
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) prior to 15.0.3 ESD#4.3. 15.5 prior to 15.5 ESD#5.3, and 15.7 prior to 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via unspecified vectors.
Sybase Adaptive Server Enterprise
NA
CVE-2015-1310
SQL injection vulnerability in SAP Adaptive Server Enterprise (Sybase ASE) allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, aka SAP Note 2113333. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...
Sybase Adaptive Server Enterprise
7.2
CVSSv3
CVE-2020-6248
SAP Adaptive Server Enterprise (Backup Server), version 16.0, does not perform the necessary validation checks for an authenticated user while executing DUMP or LOAD command allowing arbitrary code execution or Code Injection.
Sap Adaptive Server Enterprise Backup Server 16.0
1 Article
NA
CVE-2013-6025
The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 ESD 2 allows remote authenticated users to read arbitrary files via a SQL statement containing an XML document with an external entity declaration in conjunction with an entity reference, related to an XML...
Sybase Adaptive Server Enterprise 15.7
1 EDB exploit
7.5
CVSSv3
CVE-2017-5371
Odata Server in SAP Adaptive Server Enterprise (ASE) 16 allows remote malicious users to cause a denial of service (process crash) via a series of crafted requests, aka SAP Security Note 2330422.
Sybase Adaptive Server Enterprise 16.0
NA
CVE-2013-6867
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 prior to 15.7 SP50 or 15.7 SP100 allows remote malicious users to cause a denial of service via unspecified vectors.
Sybase Adaptive Server Enterprise 15.7
8.8
CVSSv3
CVE-2020-6241
SAP Adaptive Server Enterprise, version 16.0, allows an authenticated user to execute crafted database queries to elevate privileges of users in the system, leading to SQL Injection.
Sap Adaptive Server Enterprise 16.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »