image credit: blogs.oracle.com Oracle has released an out-of-band security update to address a critical vulnerability in Oracle WebLogic Server. A deserialization flaw allows remote code execution and is tracked with CVE-2019-2729. This vulnerability is rated critical and is found to be exploited in-the-wild. The vulnerability exists due to a deserialization flaw in XMLDecoder in Oracle […]

Read More →

  Image Credit: Threatpost A critical remote code execution vulnerability has been recently discovered in the popular Apache Struts web application framework allowing a remote attacker to execute arbitrary code on any server running an application built using the affected Struts framework and the popular REST communication plugin. This flaw is due to an unsafe deserialization (Deserialization is […]

Read More →