Security Bulletin: GNU C library (glibc) vulnerability affects IBM DataPower Gateways (CVE-2015-7547)

Summary A GNU C library glibc stack-based buffer overflow in getaddrinfo vulnerability affects IBM DataPower Gateways. Vulnerability Details CVEID: CVE-2015-7547 DESCRIPTION: GNU C Library glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the nssdns backe...

Security Bulletin: A vulnerability in net-snmp affects IBM DataPower Gateways (CVE-2015-5621)

Summary IBM DataPower gateways has addressed a vulnerability in SNMP parsing routines that could cause the SNMP daemon to crash or execute arbitrary code. Vulnerability Details CVEID: CVE-2015-5621 DESCRIPTION: Net-SNMP is vulnerable to a denial of service, caused by incompletely parsed varBind...

Security Bulletin: A vulnerability in XML processing affects IBM DataPower Gateways (CVE-2015-1819)

Summary IBM DataPower Gateways has addressed a vulnerability in parsing certain XML files that could cause a denial of service. Vulnerability Details CVEID: CVE-2015-1819 DESCRIPTION: Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection XXE error in the xmlreade...

CVE-2013-5795

Oracle Demantra has a backend Database Credentials Leak vulnerability (CVE-2013-5795) affecting Demantra Demand Management within Oracle Supply Chain Products Suite (versions including 12.2.1, 12.2.2, 12.2.3 and related 7.x/SQL-Server lines). The issue enables an attacker to retrieve database ins...