Vulnerabilities > SAP > SQL Anywhere > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-08 | CVE-2022-41259 | Unspecified vulnerability in SAP SQL Anywhere 17.0 SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use an ARRAY constructor. | 6.5 |
| 2022-04-12 | CVE-2022-27670 | Resource Injection vulnerability in SAP SQL Anywhere 17.0 SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use indirect identifiers. | 4.0 |
| 2017-04-10 | CVE-2016-10310 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP SQL Anywhere 11.0/16.0/17.0 Buffer overflow in the MobiLink Synchronization Server component in SAP SQL Anywhere 17 and possibly earlier allows remote authenticated users to cause a denial of service (resource consumption and process crash) by sending a crafted packet several times, aka SAP Security Note 2308778. | 4.0 |
| 2015-04-01 | CVE-2015-2819 | Improper Input Validation vulnerability in SAP SQL Anywhere 11.0/16.0 SAP Sybase SQL Anywhere 11 and 16 allows remote attackers to cause a denial of service (crash) via a crafted request, aka SAP Security Note 2108161. | 5.0 |