Vulnerabilities > Sybase > Adaptive Server Enterprise > 15.7

DATE CVE VULNERABILITY TITLE RISK
2013-11-23 CVE-2013-6861 Unspecified vulnerability in Sybase Adaptive Server Enterprise 15.0.3/15.5/15.7
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via unspecified vectors.
local
low complexity
sybase
4.9
4.9
2013-11-23 CVE-2013-6860 Unspecified vulnerability in Sybase Adaptive Server Enterprise 15.0.3/15.5/15.7
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to obtain sensitive information via unspecified vectors.
network
low complexity
sybase
6.8
6.8
2013-11-23 CVE-2013-6859 Improper Authentication vulnerability in Sybase Adaptive Server Enterprise 15.0.3/15.5/15.7
SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3.
network
sybase CWE-287
8.5
8.5
2013-10-19 CVE-2013-6025 Code Injection vulnerability in Sybase Adaptive Server Enterprise 15.7
The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 ESD 2 allows remote authenticated users to read arbitrary files via a SQL statement containing an XML document with an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
network
low complexity
sybase CWE-94
4.0
4.0