On Saturday, Oracle released a security advisory addressing a high-severity vulnerability impacting E-Business Suite. Tracked as CVE-2025-61884, the vulnerability may allow an unauthenticated remote attacker to access sensitive resources. Oracle has not mentioned the vulnerability’s exploitation. However, Rob Duhart, the chief security officer of Oracle Security, described in his blog that “this vulnerability affects some … Continue reading “Oracle Addresses a New Vulnerability Impacting E-Business Suite (CVE-2025-61884)”
Tag: Oracle E-Business Suite
Oracle E-Business Suite Remote Code Execution Vulnerability Exploited in the Wild (CVE-2025-61882)
Oracle released a security advisory to address a critical zero-day vulnerability impacting the E-Business Suite. Tracked as CVE-2025-61882, the vulnerability has a CVSS score of 9.8. Successful exploitation of the vulnerability may allow an attacker to achieve remote code execution. Security reports suggest the vulnerability is actively exploited in Clop data theft attacks.
Oracle Patch Tuesday April 2023 Security Update Review
Oracle has released the April edition of Critical Patch Update, which contains a group of patches for 433 security vulnerabilities. Some of the vulnerabilities addressed this month impact various products. These patches address vulnerabilities in Oracle code and third-party components included in Oracle products. During Q2 2023 Oracle Critical Patch Update, the Oracle Communications product … Continue reading “Oracle Patch Tuesday April 2023 Security Update Review”
Oracle E-Business Suite Remote Code Execution Vulnerability (CVE-2022-21587)
A critical remote code execution vulnerability in the Oracle E-Business suite is being exploited in the wild shortly after proof-of-concept (PoC) was published. Tracked as CVE-2022-21587, the vulnerability may allow an unauthenticated attacker to execute arbitrary code on the target system. It has been rated critical and given a CVSSv3 base score of 9.8. … Continue reading “Oracle E-Business Suite Remote Code Execution Vulnerability (CVE-2022-21587)”
Oracle Releases 370 Security Patches for Various Oracle Products in October 2022 Patch Tuesday
Oracle October 2022 Patch Tuesday edition is out. The security update contains a total of 370 critical security patches affecting various Oracle product families. In this month’s update, 290 out of 370 security updates addressed are non-Oracle CVEs, or security flaws in third-party products (such as open-source components), which are exploitable in the context … Continue reading “Oracle Releases 370 Security Patches for Various Oracle Products in October 2022 Patch Tuesday”