oracle Archives | CW Enterprises

Critical Oracle WebLogic Vulnerability Flaw Actively Exploited by DarkIRC Malware

3rd December 2020GURUBARAN S

Juniper Threat Labs researchers observed active attacks on Oracle WebLogic software using CVE-2020-14882. This vulnerability, if successfully exploited, allows unauthenticated remote code execution. [...]

ModPipe Malware Steals Sensitive Information from Oracle POS Software used by Hundreds of Thousands of Hotels

17th November 2020GURUBARAN S

A new Point-of-Sale (PoS) named ModPipe malware is targeting devices utilized by many thousands of organizations within the hospitality sector, researchers have warned. [...]

Oracle Issues Out-of-Band Update for Remote-Access Vulnerability

3rd November 2020Dark Reading Staff

The exploit could give an attacker complete control of vulnerable WebLogic servers. Source: Dark Reading – Threat Intelligence – Oracle Issues Out-of-Band [...]

Oracle Issues Emergency Patch for Remote Code Execution Vulnerability in Oracle WebLogic Server

3rd November 2020GURUBARAN S

IT giant Oracle, on 1st November 2020, issued a Security Alert Advisory, CVE-2020-14750, regarding a remote code execution vulnerability on Oracle WebLogic Server. [...]

Oracle WebLogic Server RCE Flaw Under Active Attack

29th October 2020Lindsey O Donnell

The flaw in the console component of the WebLogic Server, CVE-2020-14882, is under active attack, researchers warn. Source: Threat Post – Web [...]

Oracle Releases Another Mammoth Security Patch Update

21st October 2020Jai Vijayan Contributing Writer

October’s CPU contains 402 patches for vulnerabilities across 29 product sets, many of which are remotely executable without the need for authentication. [...]

Oracle Kills 402 Bugs in Massive October Patch Update

21st October 2020Lindsey O Donnell

Over half of Oracle’s flaws in its quarterly patch update can be remotely exploitable without authentication; 65 are critical, and two have CVSS [...]

Unpatched Bugs in Oracle iPlanet Opens Door to Info-Disclosure, Injection

11th May 2020Tara Seals

CVE-2020-9315 and CVE-2020-9314 in iPlanet version 7 will not receive patches. Source: Threat Post – Web Security – Unpatched Bugs in Oracle [...]

Researchers Analyze Oracle WebLogic Flaw Under Attack

11th May 2020Dark Reading Staff

Trend Micro researchers explain how attackers bypassed the patch for a deserialization vulnerability in the Oracle WebLogic Server. Source: Dark Reading – [...]

Oracle: Unpatched Versions of WebLogic App Server Under Active Attack

4th May 2020Lindsey O Donnell

CVE-2020-2883 was patched in Oracle’s April 2020 Critical Patch Update – but proof of concept exploit code was published shortly after. Source: [...]