244 matches found
EUVD-2025-209176
IBM DataPower Gateway 10.6CD 10.6.1.0 through 10.6.5.0 and IBM DataPower Gateway 10.5.0 10.5.0.0 through 10.5.0.20 and IBM DataPower Gateway 10.6.0 10.6.0.0 through 10.6.0.8 IBM DataPower Gateway is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and...
EUVD-2025-209174
IBM DataPower Gateway 10.6CD 10.6.1.0 through 10.6.5.0 and IBM DataPower Gateway 10.5.0 10.5.0.0 through 10.5.0.20 and IBM DataPower Gateway 10.6.0 10.6.0.0 through 10.6.0.8 IBM DataPower Gateway could disclose sensitive system information from other domains to an administrative user...
CVE-2025-36373
IBM DataPower Gateway 10.6CD 10.6.1.0 through 10.6.5.0 and IBM DataPower Gateway 10.5.0 10.5.0.0 through 10.5.0.20 and IBM DataPower Gateway 10.6.0 10.6.0.0 through 10.6.0.8 IBM DataPower Gateway could disclose sensitive system information from other domains to an administrative user...
CVE-2025-36373
IBM DataPower Gateway site reports CVE-2025-36373: a vulnerability where valid administrative users could view services in domains they should not access, effectively exposing sensitive system information to an unauthorized control sphere (CWE-497). Affected: DataPower Gateway 10.6CD (10.6.1.0–10...
IBM DataPower Gateway 安全漏洞
IBM DataPower Gateway is a suite of International Business Machines IBM security and integration platforms designed specifically for mobile, cloud, application programming interfaces APIs, web, service-oriented architecture SOA, B2B and cloud workloads. The platform protects, integrates and...
PT-2026-29640
IBM DataPower Gateway 10.6CD 10.6.1.0 through 10.6.5.0 and IBM DataPower Gateway 10.5.0 10.5.0.0 through 10.5.0.20 and IBM DataPower Gateway 10.6.0 10.6.0.0 through 10.6.0.8 IBM DataPower Gateway is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and...
Security Bulletin: IBM DataPower Gateway vulnerable to Denial of Service due to body-parser
Summary The affected package is used in the UI Vulnerability Details CVEID:CVE-2025-13466 DESCRIPTION: body-parser 2.2.0 is vulnerable to denial of service due to inefficient handling of URL-encoded bodies with very large numbers of parameters. An attacker can send payloads containing thousands o...
Security Bulletin: IBM DataPower Gateway vulnerable to Denial of Service
Summary Processing a malformed PKCS12 file can cause an appliance reload. Vulnerability Details CVEID:CVE-2026-22795 DESCRIPTION: Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS12 file. Impact summary: An application processing a...
Security Bulletin: IBM DataPower Gateway potentially vulnerable to library path manipulation
Summary GNU C is used by IBM DataPower Gateway as part of the Supervisor component. Vulnerability Details CVEID:CVE-2025-4802 DESCRIPTION: Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared...
Security Bulletin: IBM DataPower Gateway vulnerable to a denial of service due to C-Ares
Summary C-Ares is used in IBM DataPower Gateway's DNS resolver Vulnerability Details CVEID:CVE-2025-31498 DESCRIPTION: c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS...
Security Bulletin: IBM DataPower Gateway vulnerable to data corruption due to LZ4 (CVE-2019-17543)
Summary LZ4 is used in multiple components of IBM DataPower Gateway Vulnerability Details CVEID:CVE-2019-17543 DESCRIPTION: LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4write32 related to LZ4compressdestSize, affecting applications that call LZ4compressfast with a large input. This iss...
EUVD-2020-26078
Malware in sbrugna...
EUVD-2018-12247
Malware in sbrugna...
EUVD-2018-12243
Malware in sbrugna...
EUVD-2018-12244
Malware in sbrugna...
EUVD-2020-25828
Malware in sbrugna...
EUVD-2020-26261
Malware in sbrugna...
EUVD-2021-25381
Malware in sbrugna...
EUVD-2020-26255
Malware in sbrugna...
EUVD-2019-14228
Malware in sbrugna...