Oracle Patch Tuesday April 2023 Security Update Review

Oracle has released the April edition of Critical Patch Update, which contains a group of patches for 433 security vulnerabilities. Some of the vulnerabilities addressed this month impact various products. These patches address vulnerabilities in Oracle code and third-party components included in Oracle products. During Q2 2023 Oracle Critical Patch Update, the Oracle Communications product … Continue reading “Oracle Patch Tuesday April 2023 Security Update Review”

Oracle Releases 370 Security Patches for Various Oracle Products in October 2022 Patch Tuesday

Oracle October 2022 Patch Tuesday edition is out. The security update contains a total of 370 critical security patches affecting various Oracle product families.    In this month’s update, 290 out of 370 security updates addressed are non-Oracle CVEs, or security flaws in third-party products (such as open-source components), which are exploitable in the context … Continue reading “Oracle Releases 370 Security Patches for Various Oracle Products in October 2022 Patch Tuesday”

Oracle WebLogic Remote Upload Vulnerability : CVE-2018-2894

In the month of July 2018 Oracle had released advisory addressing many vulnerabilities in its suit of products. In this post will discuss about CVE-2018-2894. It is a remote file upload vulnerability in WebLogic server due to  improper authentication enforcement. Normally this page should not be accessible without authentication. The affected versions are 10.3.6.0, 12.1.3.0, 12.2.1.2, … Continue reading “Oracle WebLogic Remote Upload Vulnerability : CVE-2018-2894”