Thursday, May 22, 2025
Follow us On Linkedin
HomeVulnerabilityOracle Patches 32 Critical Flaws in MySQL, WebLogic Server, & VirtualBox VM

Oracle Patches 32 Critical Flaws in MySQL, WebLogic Server, & VirtualBox VM

VulnerabilityVulnerability Analysis

Published on

By Eswar
Oracle Patches 32 Critical Flaws in MySQL, WebLogic Server, & VirtualBox VM

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

Oracle has released a list of security patches for more than 130+ products. These products were used in several industries, including banking, communication, enterprise, development, and others. 

Oracle has released the severity rating and categorized them as critical, high, medium, and low based on their CVSS 3.1 score. Over 508 new security patches and CVE IDs were released, of which 76 of them had Critical severity.

Patches and Products

The latest update for Oracle Financial Services Applications included approximately 147 patches, with 115 of them being susceptible to remote exploitation through network access.

- Advertisement - Google News

This update addressed over 18 high-risk vulnerabilities that were deemed critical.

Oracle Communications recently received 77 security patches, with 57 of them being remotely exploitable.

Among these patches, there were over 10 critical severity vulnerabilities and 41 high severity vulnerabilities that have been successfully patched.

Recently, Oracle Fusion Middleware was patched with 60 security updates, 40 of which were identified as remotely exploitable. Among these updates, 9 were considered critical and 24 were deemed of high severity.

There are a total of 40 security patches for Oracle Communications Applications, out of which 30 can be exploited remotely. Analytics has 32 security patches, with 23 vulnerabilities that can also be exploited remotely.

MySQL has 21 security patches, with 11 of them remotely exploitable. Furthermore, a dozen products and third-party patches were released by Oracle. These products were related to JavaSE, Retail applications, Construction engineering, E-Business Suite, PeopleSoft, Siebel, etc.

In addition to these, several lists of CVE IDs with High, medium, and low severities were released by Oracle as part of its July 2023 patch.

For detailed information on the affected products, CVE IDs, fixed versions, and CVSS base score, please follow the Oracle security advisory.

Users of these products are recommended to upgrade to the latest version to prevent threat actors from exploiting them.

Stay up-to-date with the latest Cyber Security News; follow us on GoogleNewsLinkedinTwitterand Facebook.

Eswar
Eswar
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

Browser

Hackers Target Mobile Users Using PWA JavaScript to Bypass Browser Security

A sophisticated new injection campaign has been uncovered, targeting mobile users through malicious third-party...
API

Docker Zombie Malware Infects Containers for Crypto Mining and Self-Replication

A novel malware campaign targeting containerized infrastructures has emerged, exploiting insecurely exposed Docker APIs...
Cyber Attack

Hackers Masquerade as Organizations to Steal Payroll Logins and Redirect Payments from Employees

ReliaQuest, hackers have deployed a cunning search engine optimization (SEO) poisoning scheme to orchestrate...
cyber security

PupkinStealer Exploits Web Browser Passwords and App Tokens to Exfiltrate Data Through Telegram

A newly identified .NET-based information-stealing malware, dubbed PupkinStealer (also known as PumpkinStealer in some...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

Register Now

More like this

Cyber Attack

New Scan Uncovers 150K Industrial Systems Worldwide Vulnerable to Cyberattacks

A groundbreaking study leveraging advanced application-layer scanning has exposed approximately 150,000 industrial control systems...
cyber security

PowerDNS Vulnerability Allows Attackers to Trigger DoS Attacks Through Malicious TCP Connections

PowerDNS has released a critical security update to address a vulnerability in its DNSdist...
Cyber Attack

Ivanti EPMM 0-Day RCE Vulnerability Under Active Attack

Critical vulnerability chain in Ivanti’s Endpoint Manager Mobile (EPMM) has been actively exploited.  The vulnerabilities,...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2025 GBHackers On Security - All Rights Reserved