News

GovInfoSecurity1d
Drive-By Attack Vector Patched in Oracle Code Editor
Exploring Oracle Cloud Infrastructure, researchers at Tenable found that Oracle's console-based Code Editor tool failed to ...
Threat Post4y
Oracle WebLogic Server RCE Flaw Under Active Attack
Oracle WebLogic Server is a popular application server used in building and deploying enterprise Java EE applications. The console component of the WebLogic Server has a flaw, CVE-2020-14882 ...
ZDNet4y
Oracle publishes rare out-of-band security update for WebLogic servers
Oracle has published on Sunday a rare out-of-band security update to address an incomplete patch for a recently disclosed vulnerability in Oracle WebLogic servers that is currently being actively ...
TechRadar4y
Oracle rushes out emergency patch for flaw in WebLogic servers
If exploited, CVE-2020-14882 can allow an attacker to execute malicious code on one of Oracle's WebLogic servers with elevated privileges before its authentication kicks in.
ZDNet5y
Data leak, phishing security flaws disclosed in Oracle iPlanet Web Server
CVE-2020-9315 permits the read of any page within the console, without authentication, ... Oracle iPlanet Web Server 7.0.x is vulnerable to these issues, ...