Critical Patch Update Announcement in April for All Oracle Products
April 18, 2025
Overview On April 16, 2025, NSFOCUS CERT detected that Oracle officially released the Critical Patch Update (CPU) for April. A total of 390 vulnerabilities with different degrees were fixed this time. This security update involves Oracle MySQL Connectors, Oracle MySQL Server, Oracle Java SE, Oracle Fusion Middleware, Oracle Financial Services Applications, Oracle Communications Applications and […]
Oracle WebLogic Server Remote Code Execution and Denial of Service Vulnerability (CVE-2025-21535/CVE-2025-21549)
January 23, 2025
Overview Recently, NSFOCUS CERT detected that Oracle has released a security announcement, in which the remote code execution and denial of service vulnerabilities of Oracle WebLogic Server have been fixed. Affected users should take protective measures as soon as possible. CVE-2025-21535: When the T3/IIOP protocol is enabled, an unauthenticated attacker sends a special request to […]
Oracle WebLogic Server Remote Code Execution Vulnerability (CVE-2024-21216)
November 8, 2024
Overview Recently, NSFOCUS CERT detected that Oracle issued a security announcement and fixed the deserialization vulnerability in WebLogic Server (CVE-2024-21216). Since WebLogic does not strictly filter incoming data through the T3/IIOP protocol, when the T3/IIOP protocol is enabled, an unauthenticated remote attacker sends a special request to the server through the T3/IIOP protocol to execute […]
Oracle Products Key Patches Update Notice for July 2023
July 19, 2023
Overview On July 19, NSFOCUS CERT found that Oracle officially released the Critical Patch Update in July with 508 vulnerabilities included. This security update involved Oracle WebLogic Server, Oracle MySQL, Oracle Financial Services Applications, Oracle Enterprise Manager, Oracle Retail Applications and other commonly used products. Oracle strongly recommends its customers apply critical patches to update […]
Critical Patch Update Notice for All Oracle Products in April 2022
April 21, 2022
Overview On April 20, 2022, NSFOCUS’s CERT monitoring found that Oracle officially released the April Critical Patch Update announcement CPU (Critical Patch Update). A total of 520 vulnerabilities of varying degrees were fixed. This security update involves Oracle WebLogic Server. , Oracle MySQL, Oracle Java SE, Oracle FusionMiddleware, Oracle Retail Applications and many other common […]
Oracle July 2021 Critical Patch Update for All Product Families
August 2, 2021
Overview On July 21, 2021, NSFOCUS detected that Oracle released the July 2021 Critical Patch Update (CPU), which fixed 342 vulnerabilities of varying risk levels. This CPU involves multiple commonly used products, such as Oracle Database Server, Oracle Java SE, Oracle Fusion Middleware, Oracle MySQL, and Oracle Communications. Oracle strongly recommends that users fix these […]
Oracle January 2021 Critical Patch Update for All Product Families
January 24, 2021
Overview
On January 20, 2021, NSFOCUS detected that Oracle released the January 2021 Critical Patch Update (CPU), which fixed 329 vulnerabilities of varying risk levels. This CPU involves multiple commonly used products, such as Oracle WebLogic Server, Oracle Database Server, Oracle Java SE, Oracle Fusion Middleware, Oracle MySQL, Oracle Enterprise Manager, and Oracle Systems. Oracle strongly recommends users fix these vulnerabilities by applying Critical Patch Update patches as soon as possible.
(more…)Oracle October 2020 Critical Patch Update for All Product Families Threat Alert
October 31, 2020
Overview
On October 20, 2020, local time, Oracle released Critical Patch Update (CPU) for October 2020, its own security advisories, and third-party security bulletins, which fix 402 vulnerabilities of varying severity levels. For details about affected products and available patches, see the appendix.
For complete information, see Oracle’s official security advisory from the following link:
Oracle July 2020 Critical Patch Update for All Product Families Threat Alert
July 31, 2020
Overview
On July 14, 2020 local time, Oracle released its July 2020 Critical Patch Update (CPU), its own security advisories, and third-party security bulletins, which fix 443 vulnerabilities of varying severity levels. For details about affected products and available patches, see the appendix.
(more…)Oracle October 2019 Critical Patch Update for All Product Families Threat Alert
October 21, 2019
Overview
On October 15, 2019, local time, Oracle released its own security advisory and third-party security advisories for its October 2019 Critical Patch Update (CPU) which fixes 240 vulnerabilities of varying severity levels across the product families. For details about affected products and available patches, visit the appendix. (more…)
