July saw two high-severity bugs in Firefox, while Oracle patched over 500 vulnerabilities.
Software company Oracle has released its July Critical Patch Update Advisory, fixing 508 vulnerabilities in its products. Among the fixes are 77 new security patches for Oracle Communications. Oracle warned that 57 of these vulnerabilities could be remotely exploited over a network without user credentials. One of the worst flaws is CVE-2023-20862, which has been given a CVSS score of 9.8.
> Not to nitpick on just Oracle, but geez! 57 of the 77 in Oracle Communications were RCEs??? Someone's SDLC process is severely failing.

Well you can't maintain a bug hunt and create an utterly baroque licensing system to squeeze every dime out of your customers.
(Dis)honorable mention to BeyondTrust, which squeaked just under the wire to not publicly announce a perfect CVSS 10 bug in its remote support products on August 1, since who would need those to be trustworthy or secure?
Not to nitpick on just Oracle, but geez! 57 of the 77 in Oracle Communications were RCEs??? Someone's SDLC process is severely failing.
> Not to nitpick on just Oracle, but geez! 57 of the 77 in Oracle Communications were RCEs??? Someone's SDLC process is severely failing.

It's possible many of them were one common library used across multiple functions.