Tag: Oracle Vulnerability

Overview On January 20, 2021, NSFOCUS detected that Oracle released the January 2021 Critical Patch Update (CPU), which fixed 329 vulnerabilities of varying risk levels. This CPU involves multiple commonly used products, such as Oracle WebLogic Server, Oracle Database Server, Oracle Java SE, Oracle Fusion Middleware, Oracle MySQL, Oracle Enterprise...

Overview On October 20, 2020, local time, Oracle released Critical Patch Update (CPU) for October 2020, its own security advisories, and third-party security bulletins, which fix 402 vulnerabilities of varying severity levels. For details about affected products and available patches, see the appendix. For complete information, see Oracle's official security...

Overview On July 14, 2020 local time, Oracle released its July 2020 Critical Patch Update (CPU), its own security advisories, and third-party security bulletins, which fix 443 vulnerabilities of varying severity levels. For details about affected products and available patches, see the appendix. (more…)

Overview On October 15, 2019, local time, Oracle released its own security advisory and third-party security advisories for its October 2019 Critical Patch Update (CPU) which fixes 240 vulnerabilities of varying severity levels across the product families. For details about affected products and available patches, visit the appendix. (more…)

Overview Recently, the NSFOCUS security team has found that the Oracle Weblogic vulnerability is exploited in the wild. Its attack signature is similar to that of the CVE-2019-2725 vulnerability. The attack can bypass the latest security patch released by Oracle in April. This vulnerability exists because no proper sanitization is...