Sybase

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2011-2475 1Sybase 1Onebridge Mobile Data Suite Apr 29, 2026 Jun 9, 2011 N/A· v4 N/A· v3 10.0 HIGH· v2 Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail Gateway in OneBridge Server and DMZ Proxy in Sybase OneBridge Mobile Data Suite 5.5 and 5.6 allows remote attackers to execute a...Show more Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail Gateway in OneBridge Server and DMZ Proxy in Sybase OneBridge Mobile Data Suite 5.5 and 5.6 allows remote attackers to execute arbitrary code via format string specifiers in unspecified string fields, related to authentication logging.Show less
CVE-2011-2474 1Sybase 1Easerver Apr 29, 2026 Jun 9, 2011 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.\../\../\ sequence in a path.
CVE-2011-0497 1Sybase 4Appeon For Powerbuilder EaserverReplication Server+1 more Apr 29, 2026 Jan 20, 2011 N/A· v4 N/A· v3 7.8 HIGH· v2 Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to read arbitrary files via "../\" (dot do...Show more Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to read arbitrary files via "../\" (dot dot forward-slash backslash) sequences in a crafted request.Show less
CVE-2011-0496 1Sybase 4Appeon For Powerbuilder EaserverReplication Server+1 more Apr 29, 2026 Jan 20, 2011 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to install arbitrary web services and exec...Show more Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to install arbitrary web services and execute arbitrary code, related to a "design vulnerability."Show less
CVE-2008-0912 1Sybase 2Mobilink Sql Anywhere Apr 23, 2026 Feb 22, 2008 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink 10.0.1.3629 and earlier, as used by SQL Anywhere Developer Edition 10.0.1.3415 and probably other products, allow remote attackers to execute arbitra...Show more Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink 10.0.1.3629 and earlier, as used by SQL Anywhere Developer Edition 10.0.1.3415 and probably other products, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a long (1) username, (2) version, or (3) remote ID. NOTE: some of these details are obtained from third party information.Show less
CVE-2006-3667 1Sybase 1Financial Fusion Consumer Banking Solution Apr 16, 2026 Jul 18, 2006 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in Sybase/Financial Fusion Consumer Banking Suite versions before 20060706 has unknown impact and remote attack vectors.
CVE-2006-2539 1Sybase 1Easerver Apr 16, 2026 May 22, 2006 N/A· v4 N/A· v3 3.5 LOW· v2 Sybase EAServer 5.0 for HP-UX Itanium, 5.2 for IBM AIX, HP-UX PA-RISC, Linux x86, and Sun Solaris SPARC, and 5.3 for Sun Solaris SPARC does not properly protect passwords when they are being entered via the GUI, which al...Show more Sybase EAServer 5.0 for HP-UX Itanium, 5.2 for IBM AIX, HP-UX PA-RISC, Linux x86, and Sun Solaris SPARC, and 5.3 for Sun Solaris SPARC does not properly protect passwords when they are being entered via the GUI, which allows local users to obtain the cleartext passwords via the getSelectedText function in javax.swing.JPasswordField component.Show less
CVE-2006-1997 1Sybase 1Pylon Anywhere Apr 16, 2026 Apr 25, 2006 N/A· v4 N/A· v3 2.1 LOW· v2 Unspecified vulnerability in Sybase Pylon Anywhere groupware synchronization server before 7.0 allows local users to obtain sensitive information such as email and PIM data of another user via unknown attack vectors.
CVE-2006-1829 1Sybase 1Easerver Apr 16, 2026 Apr 19, 2006 N/A· v4 N/A· v3 4.0 MEDIUM· v2 EAServer Manager in Sybase EAServer 5.2 and 5.3 allows remote authenticated users, possibly guests, to obtain password credentials of arbitrary users via unspecified vectors involving (1) connection caches, (2) open pass...Show more EAServer Manager in Sybase EAServer 5.2 and 5.3 allows remote authenticated users, possibly guests, to obtain password credentials of arbitrary users via unspecified vectors involving (1) connection caches, (2) open password prompts, and (3) stored custom connection profiles.Show less
CVE-2005-2297 1Sybase 1Easerver Apr 16, 2026 Jul 19, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Stack-based buffer overflow in TreeAction.do in Sybase EAServer 4.2.5 through 5.2 allows remote authenticated users to execute arbitrary code via a large javascript parameter.
CVE-2005-0942 1Sybase 1Adaptive Server Enterprise Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The XP Server process (xp_server) in Sybase Adaptive Server Enterprise (ASE) XP Server 12.x before 12.5.3 ESD#1 allows attackers to cause a denial of service (process crash) via malformed data sent to the XP Server TCP p...Show more The XP Server process (xp_server) in Sybase Adaptive Server Enterprise (ASE) XP Server 12.x before 12.5.3 ESD#1 allows attackers to cause a denial of service (process crash) via malformed data sent to the XP Server TCP port.Show less
CVE-2005-0441 1Sybase 1Adaptive Server Enterprise Apr 16, 2026 Dec 22, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple stack-based buffer overflows in Sybase Adaptive Server Enterprise (ASE) 12.x before 12.5.3 ESD#1 allow remote authenticated users to execute arbitrary code via the (1) attrib_valid function, (2) covert function,...Show more Multiple stack-based buffer overflows in Sybase Adaptive Server Enterprise (ASE) 12.x before 12.5.3 ESD#1 allow remote authenticated users to execute arbitrary code via the (1) attrib_valid function, (2) covert function, (3) declare statement, or (4) a crafted query plan, or remote authenticated users with database owner or "sa" role privileges to execute arbitrary code via (5) a crafted install java statement.Show less
CVE-2003-0327 1Sybase 1Adaptive Server Enterprise Apr 16, 2026 Dec 15, 2003 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Sybase Adaptive Server Enterprise (ASE) 12.5 allows remote attackers to cause a denial of service (hang) via a remote password array with an invalid length, which triggers a heap-based buffer overflow.
CVE-2002-2250 1Sybase 1Adaptive Server Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple buffer overflows in Sybase Adaptive Server 12.0 and 12.5 allow remote attackers to execute arbitrary code via (1) a long parameter to the xp_freedll extended stored procedure or (2) a long database name argument...Show more Multiple buffer overflows in Sybase Adaptive Server 12.0 and 12.5 allow remote attackers to execute arbitrary code via (1) a long parameter to the xp_freedll extended stored procedure or (2) a long database name argument to the DBCC CHECKVERIFY function.Show less
CVE-2002-1861 1Sybase 1Easerver Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Sybase Enterprise Application Server 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the W...Show more Sybase Enterprise Application Server 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").Show less
CVE-2001-0599 1Sybase 1Adaptive Server Anywhere Apr 16, 2026 Aug 2, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Sybase Adaptive Server Anywhere Database Engine 6.0.3.2747 and earlier as included with Symantec Ghost 6.5 allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to port 2638.
CVE-1999-0695 1Sybase 1Powerdynamo Apr 16, 2026 Apr 11, 2000 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Sybase PowerDynamo personal web server allows attackers to read arbitrary files through a .. (dot dot) attack.

Previous 12