Organizations running Oracle WebLogic Server faced active attacks for roughly two weeks before any official fix arrived, after researchers disclosed a remote code execution flaw rated 9.8 out of 10 on ...
CISA added Oracle WebLogic flaw CVE-2024-21182 to its KEV catalog, giving federal agencies until June 4 to patch exposed servers.
Oracle issued an out-of-band security update over the weekend to address a critical remote code execution (RCE) vulnerability impacting multiple Oracle WebLogic Server versions. The security ...
CVE-2020-2883 was patched in Oracle’s April 2020 Critical Patch Update – but proof of concept exploit code was published shortly after. Oracle is urging customers to fast-track a patch for a critical ...
In August 2023 a zero day was dropped by one of the most functional ransomware gangs and wasand was unknown to most, including security researchers and journalists. CVE-2023-21839, a vulnerability in ...
The flaw in the console component of the WebLogic Server, CVE-2020-14882, is under active attack, researchers warn. If an organization hasn’t updated their Oracle WebLogic servers to protect them ...
A threat actor is dropping a cryptominer and distributed denial-of-service (DDoS) malware on Oracle WebLogic Servers using "Hadooken." Researchers at Aqua Nautilus spotted the malware when it hit one ...