Vulnerabilities > SAP > SQL Anywhere > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-11-08 CVE-2022-41259 Unspecified vulnerability in SAP SQL Anywhere 17.0
SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use an ARRAY constructor.
network
low complexity
sap
6.5
2022-04-12 CVE-2022-27670 Resource Injection vulnerability in SAP SQL Anywhere 17.0
SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use indirect identifiers.
network
low complexity
sap CWE-99
4.0
2017-04-10 CVE-2016-10310 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP SQL Anywhere 11.0/16.0/17.0
Buffer overflow in the MobiLink Synchronization Server component in SAP SQL Anywhere 17 and possibly earlier allows remote authenticated users to cause a denial of service (resource consumption and process crash) by sending a crafted packet several times, aka SAP Security Note 2308778.
network
low complexity
sap CWE-119
4.0
2015-04-01 CVE-2015-2819 Improper Input Validation vulnerability in SAP SQL Anywhere 11.0/16.0
SAP Sybase SQL Anywhere 11 and 16 allows remote attackers to cause a denial of service (crash) via a crafted request, aka SAP Security Note 2108161.
network
low complexity
sap CWE-20
5.0