Oracle has issued a Security Alert regarding a critical vulnerability in Oracle Identity Manager and Oracle Web Services ...

Oracle issues out-of-band updates to patch CVE-2026-21992, a critical vulnerability in Identity Manager and Web Services ...

Oracle fixes CVE-2026-21992 (CVSS 9.8) flaw enabling unauthenticated RCE via HTTP, risking full system compromise.

Attackers can execute arbitrary code without authentication if Oracle's Identity or Web Services Managers are exposed to the Web.

But compared to previous Oracle updates, the first security bulletin of 2008 is small, experts say. Last's October's bulletin contained more than 50 patches and experts say that they've seen updates ...

Oracle will issue 41 security patches next Tuesday addressing vulnerabilities across “hundreds” of its products, the company said in a pre-release announcement. More than 15 of those patches address ...

To patch or not to patch - that is the question for many software customers. And it's particularly tricky one to answer when the software company won't say what the patch is for, as one reader ...

Oracle will release today 128 fixes for security vulnerabilities that affect "hundreds" of its products. The software giant and Java maker said in a pre-release announcement today that four of the ...

Last week it was Microsoft’s Patch Tuesday, this week Oracle delivers a boatload of patches. In all, the company will release 27 updates for its database, e-business suite and application server. Also ...

Oracle on Tuesday brought out the first release of its Critical Patch Update, which contains software patches for security vulnerabilities in a wide variety of Oracle products. The software is the ...

Oracle is ready to declare its own monthly "Patch Day." The database maker confirmed on Thursday that it plans to start releasing patches on a specific day each month. The move mimics Microsoft's ...