Oracle Archives - AZGAD WEBSITE SECURITY BLOG

Friday, April 19, 2024

Latest:

2020-12-03 Tom Spring

Xerox DocuShare Bugs Allowed Data Leaks

CISA warns the leading enterprise document management platform is open to attack and urges companies to apply fixes.

credit card data ESET Hospitality information stealer Malware Malware analysis MICROS Restaurant Enterprise Series (RES) 3700 POS modpipe modular Oracle point of sale pos restaurants

2020-11-13 Tara Seals

Cyberattackers Serve Up Custom Backdoor for Oracle Restaurant Software

The modular malware is highly sophisticated but may not be able to capture credit-card info.

bluekeep CVE-2020-14871 Exploit Hacks Malware Oracle oracle solaris SLAPSTICK unc1945 Vulnerabilities zero day

2020-11-04 Lindsey O'Donnell

Oracle Solaris Zero-Day Attack Revealed

A threat actor is compromising telecommunications companies and targeted financial and professional consulting industries using an Oracle flaw.

CVE-2020-14750 October 2020 critical patch update Oracle oracle flaw oracle update oracle web logic Out of band patch RCE remote code execution remote code execution flaw Vulnerabilities weblogic server

2020-11-03 Lindsey O'Donnell

Oracle Rushes Emergency Fix for Critical WebLogic Server Flaw

The remote code-execution flaw (CVE-2020-14750) is low-complexity and requires no user interaction to exploit.

active exploit console CVE-2020-14882 device takeover Hacks Oracle Oracle WebLogic Server remote code execution Vulnerabilities Web Security

2020-10-29 Lindsey O'Donnell

Oracle WebLogic Server RCE Flaw Under Active Attack

The flaw in the console component of the WebLogic Server, CVE-2020-14882, is under active attack, researchers warn.

CPU Critical Patch Update CVE-2020-14871 CVE-2020-1953 Oracle Oracle Communications Oracle E-Business Suite Oracle Financial Services Applications Oracle Fusion Middleware Oracle MySQL Oracle Retail Applications quarterly patch update remote code execution Security Update Vulnerabilities Web Security

2020-10-21 Lindsey O'Donnell

Oracle Kills 402 Bugs in Massive October Patch Update

Over half of Oracle’s flaws in its quarterly patch update can be remotely exploitable without authentication; 65 are critical, and two have CVSS scores of 10 out of 10.

Android apple Bug Bounty Critical flaws Developers ethical hackers HackerOne Hackers Oracle security tiktok Vulnerabilities Wal-Mart Web Security

2020-10-16 Elizabeth Montalbano

TikTok Launches Bug Bounty Program Amid Security Snafus

The move is a distinct change in direction for the app, which has been criticized and even banned for its security practices.

Barracuda Cryptominer cryptomining drupalgeddon 2.0 exploits golang linux Malware Oracle Security Vulnerabilities Vulnerabilities Web Security Windows Worm XMRig

2020-06-25 Tara Seals

Golang Worm Widens Scope to Windows, Adds Payload Capacity

A first-stage malware loader spotted in active campaigns has added additional exploits and a new backdoor capability.

CVE-2020-9314 CVE-2020-9315 image injection information disclosure iplanet no patch Oracle Vulnerabilities web console Web Security

2020-05-12 Tara Seals

Unpatched Bugs in Oracle iPlanet Opens Door to Info-Disclosure, Injection

CVE-2020-9315 and CVE-2020-9314 in iPlanet version 7 will not receive patches.

active exploit attacker CVE-2020-2883 Hacks Oracle oracle critical flaw Oracle Critical Patch Update Web Security weblogic server

2020-05-04 Lindsey O'Donnell

Oracle: Unpatched Versions of WebLogic App Server Under Active Attack

CVE-2020-2883 was patched in Oracle’s April 2020 Critical Patch Update – but proof of concept exploit code was published shortly after.

← Previous

By continuing to use the site, you agree to the use of cookies. more information