cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-33990,https://securityvulnerability.io/vulnerability/CVE-2023-33990,Denial of Service (DoS) vulnerability in SAP SQL Anywhere,"This vulnerability in SAP SQL Anywhere version 17.0 for Windows allows a low privileged attacker with local access to disrupt legitimate users by causing the service to crash. By writing to shared memory objects, the attacker can initiate a Denial of Service attack, preventing user access and potentially compromising sensitive data stored in those objects. This issue does not impact other operating systems.",SAP,SAP Sql Anywhere,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-07-11T03:15:00.000Z,0
CVE-2022-41259,https://securityvulnerability.io/vulnerability/CVE-2022-41259,Denial of Service Vulnerability in SAP SQL Anywhere Server,"An authenticated attacker can exploit a vulnerability in SAP SQL Anywhere version 17.0 by executing specific queries that utilize an ARRAY constructor. This can lead to a denial of service, where legitimate users are unable to access the SQL Anywhere database server due to it being crashed. Preventive measures should be implemented to mitigate such risks effectively.",SAP,SAP Sql Anywhere,6.5,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2022-11-08T00:00:00.000Z,0
CVE-2022-35299,https://securityvulnerability.io/vulnerability/CVE-2022-35299,Memory Corruption Vulnerability in SAP SQL Anywhere and SAP IQ,"SAP SQL Anywhere version 17.0 and SAP IQ version 16.1 are susceptible to a memory corruption vulnerability that arises from logical errors in memory management. This flaw may be exploited to trigger conditions such as stack-based buffer overflow, leading to potential disruption of service and unauthorized access to confidential data. It is critical for organizations using these products to evaluate their systems and apply necessary security updates to mitigate potential threats.",SAP,"SAP Sql Anywhere,SAP Iq",9.8,CRITICAL,0.0028699999675154686,false,,false,false,false,,,false,false,,2022-10-11T00:00:00.000Z,0
CVE-2022-27670,https://securityvulnerability.io/vulnerability/CVE-2022-27670,Denial of Service Vulnerability in SAP SQL Anywhere by SAP,"An authenticated attacker can exploit a vulnerability in SAP SQL Anywhere, specifically version 17.0, to disrupt the availability of the database server. By crafting specific queries that utilize indirect identifiers, the attacker can crash the server, effectively blocking legitimate users from accessing their data. This vulnerability necessitates prompt remediation to ensure the integrity and availability of SQL Anywhere databases.",SAP,SAP Sql Anywhere Server,6.5,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2022-04-12T16:11:25.000Z,0
CVE-2019-0381,https://securityvulnerability.io/vulnerability/CVE-2019-0381,Binary Planting Vulnerability in SAP SQL Anywhere and Related Products by SAP,"A binary planting vulnerability exists in SAP SQL Anywhere, SAP IQ, and SAP Dynamic Tier, allowing unauthorized access to files located in directories outside user-specified paths. This could lead to potential data exposure or compromise, highlighting the importance of securing data access within these applications.",SAP,"SAP Iq,SAP Sql Anywhere,SAP Dynamic Tiering",5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-10-08T19:29:26.000Z,0