—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Multiple Vulnerabilities in Oracle Products 

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: High

Software Affected

Oracle MySQL

Java SE

Oracle Database Server

WebLogic Server

VirtualBox

For complete list of affected products refer to the oracle advisory:

https://www.oracle.com/security-alerts/cpuoct2025.html

Overview

Multiple vulnerabilities have been reported in various Oracle products, which could be exploited by a remote attacker to trigger elevation of privilege, denial of service condition, remote code execution, data manipulation, sensitive information disclosure and security restriction bypass on the targeted system.

Target Audience:

Individuals and organisational users of the above-mentioned Oracle products.

Risk Assessment:

High risk of information disclosure, data manipulation, system instability and arbitrary code execution.

Impact Assessment:

Potential unauthorized access to sensitive information, denial of service, data manipulation, and complete takeover of control of the target system.

Description

Oracle products are used for several applications including enterprise-level data management, cloud solutions, software development, and business applications. They are employed across a wide range of sectors, including finance, healthcare, manufacturing, government, and retail, among others.

Multiple vulnerabilities have been reported in various components of Oracle products.

Successful exploitation of these vulnerabilities could allow an attacker to trigger elevation of privilege, denial of service condition, remote code execution, data manipulation, sensitive information disclosure and security restriction bypass on the targeted system.

For complete list of affected products, CVEs, workarounds and solutions, refer to the oracle advisory:

https://www.oracle.com/security-alerts/cpuoct2025.html

Solution

Apply appropriate updates as mentioned in Oracle updates:  

https://www.oracle.com/security-alerts/cpuoct2025.html

Vendor Information

Oracle

https://www.oracle.com/security-alerts/cpuoct2025.html

References

Oracle

https://www.oracle.com/security-alerts/cpuoct2025.html

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmj57HwACgkQ3jCgcSdc

ys+hSQ//dmIPNoD+Mg0GtV6zKdHj0uUidCkRL9zkTVnmxszWxuq2qlSFl/EAqhKY

JrKPdRzzFW0YwFXrECwFF0WkI0sSH1s9A6UNLpAh8MtPrtkFdbpQqJ8lp6+RD5hj

qu0YGZSgXNmD/iOd9gSQuCl/YkS4X5RagBKVsp4ySdlIsz3oI3RvcmrGrKRnenzp

0eUEmDPhKI89veCVtSQl+DLcF9U4t2f+PLMvwqjNe/A02A+dLKiYiVAvvoCjihQP

VMfmWC+PjaMjr+GUncCopvAEjMYoN+ZQF8Z5I8xUnYWchqRx3omWXLE/FMN03wD4

LPfFt7gmv1Dnyar/jDZfnaYDAOY/kCCvaQ5VlTmbrDaK4DrlbVhFdzvGV3AVcXVr

n0iAFoLVWVrKSvR+w4XXu6+iQ+MVgQ6OmimdnmJVRa8pNTUY/Ghvxu5VubKjUwjH

T+SoLVUp3htf3WcIQReTPqXRRF3P3lSSg+4uyA+m+QGVukp+PeFZ97YGyXyDKA01

qAWW184c/Hm0241b4UmjVmpmy1hKn9Ppo6mgREs52YeTWNk4PH9fOrexHXTJcJrF

fyJvmfWjJTwF9dgUfHaMZ6CqA7fdGNYoAoY6+fFOjlxC5JgYRxgiCQ8Ao6uYcb6t

yzIFv9BY9XcsL6/bgjSkT4umu+/KXbL02ipKQuQcI2zgxVPXAhw=

=zoF8

—–END PGP SIGNATURE—–