Critical Patch Update Announcement in April for All Oracle Products
April 18, 2025
Overview On April 16, 2025, NSFOCUS CERT detected that Oracle officially released the Critical Patch Update (CPU) for April. A total of 390 vulnerabilities with different degrees were fixed this time. This security update involves Oracle MySQL Connectors, Oracle MySQL Server, Oracle Java SE, Oracle Fusion Middleware, Oracle Financial Services Applications, Oracle Communications Applications and […]
Oracle WebLogic Server Remote Code Execution Vulnerability (CVS 2023-21931) Notice
April 21, 2023
Overview Recently, NSFOCUS CERT found that Oracle officially issued a security notice to fix a remote code execution vulnerability in Oracle WebLogic Server (CVE-2023-21931). Due to a flaw in the getObject Instance () method of the WLNamingManager class in WebLogic, in the default configuration, unauthenticated remote attackers can pass in specific objects through T3/IIOP, ultimately […]
