Overview On April 16, 2025, NSFOCUS CERT detected that Oracle officially released the Critical Patch Update (CPU) for April. A total of 390 vulnerabilities with different degrees were fixed this time. This security update involves Oracle MySQL Connectors, Oracle MySQL Server, Oracle Java SE, Oracle Fusion Middleware, Oracle Financial Services...
Tag: Oracle WebLogic
Oracle WebLogic Server Remote Code Execution Vulnerability (CVS 2023-21931) Notice
Overview Recently, NSFOCUS CERT found that Oracle officially issued a security notice to fix a remote code execution vulnerability in Oracle WebLogic Server (CVE-2023-21931). Due to a flaw in the getObject Instance () method of the WLNamingManager class in WebLogic, in the default configuration, unauthenticated remote attackers can pass in...
