Oracle's October Critical Patch Update (CPU) addresses 51 vulnerabilities spread across the company's product portfolio, a marked improvement over last year's update. It also introduces an update to the system it uses to score the severity of vulnerabilities.
Oracle's namesake database products, which have 27 disclosed vulnerabilities, get the majority of the 51 fixes. According to Oracle's advisory, seven of the database vulnerabilities may be remotely exploitable without authentication.
The article continues at