Haven't gotten around to patching since last Spring? Now would be a good time Europe's digital identity system needs patching after can_we_trust_this function call ignored
Thousands of Oracle E-Business Suite customers are vulnerable a security bug that can be exploited for bank fraud. Security company Onapsis estimates that roughly half of all companies using the Oracle EBS software have not yet patched CVE-2019-2648 and CVE-2019-2633, despite Big Red having pushed out fixes for both bugs back in April. The two vulnerabilities are found in the Thin Client Framework API and are described as reflected SQL injections. An attacker who could remotely access the EBS se...