Oracle has issued an out-of-band emergency security update to address five vulnerabilities, among which one is rated 10 out of 10 on the CVSSv3 bug severity scale, and a second was rated 9.9 out of 10.
Oracle has released patches for a security issue affecting the Oracle Identity Manager that has received a rare 10 out of 10 score on the CVSSv3 bug severity scale.
Today, Oracle released their April 2017 Critical Patch Update, or CPU, that resolves a record breaking 299 vulnerabilities across all of their products. Of these 299 vulnerabilities, over 100 are remotely executable.
Allegro MicroSystems LLC is suing a former IT employee for sabotaging its database using a "time bomb" that deleted crucial financial data in the first week of the new fiscal year.
Both Java and Python contain similar security flaws that allow an attacker to bypass firewalls by injecting malicious commands inside FTP URLs.
Oracle says that starting with April 18, 2017, Java (JRE) will treat all JAR files signed with the MD5 algorithm as unsigned, meaning they'll be considered insecure and blocked from running.
Oracle risks to lose all current and future contracts with the US government after the US Department of Labor (DoL) has filed a lawsuit against the company's US Division, Oracle America., Inc..
Today, Oracle released their January 2017 Critical Patch Update, or CPU, that resolves a massive 270 vulnerabilities across all of their products. Of these 270 vulnerabilities, over 100 are remotely exploitable without authentication.
System administrators should be patching their MySQL installations if they haven't in the last three weeks, to safeguard their database servers against three critical security flaws discovered by Polish security researcher Dawid Golunski.
Today, Oracle released their October Critical Patch Update, or CPU, that resolves 253 vulnerabilities across all of their products. All of these vulnerabilities are rated as critical as they allow remote code execution in some form. As remote code execution allows attackers to remotely execute commands on an affected computer,
Today Microsoft, Oracle, and Adobe all released security updates for critical vulnerabilities in their products. Critical vulnerabilities allow attackers to execute commands on the vulnerable computers that could allow them to download and installer further programs without your permission.
Oracle announced yesterday that they will be deprecating the use of Java browser plugins starting in JRK 9, with it ultimately being removed altogether in future versions of the Java runtime environment. This is a important step in browser security as Java is a common target for exploit kits and attackers.