Security news that informs and inspires

Archive

3 results for tag Oracle:

Java Crypto Bug Allows Forging of Signatures, Certificates

A critical bug in Java's implementation of ECDSA (CVE-2022-21449) can allow an attacker to forge a signature or certificate to deliver virtually any payload.

Java, Oracle

Oracle Releases Emergency Patch for WebLogic Flaw

Oracle has pushed an emergency patch for CVE-2020-14750, a remotely exploitable flaw in its WebLogic application server.

Oracle

Attackers Using Oracle WebLogic Flaw to Install Sodinokibi Ransomware

The Sodinokibi ransomware is being installed on vulnerable Oracle WebLogic servers that haven't been patched against CVE-2019-2725.

Ransomware, Oracle