Administrators who support Java applications and various Oracle databases should pay close attention to the latest quarterly security update from Oracle, as more than a third of the security fixes affect Java, MySQL, and Oracle Database Server. Several of these vulnerabilities are considered critical and could be remotely exploited without requiring authentication, Oracle said.
Oracle doesn’t state in the Critical Patch Update (CPU) whether any of the vulnerabilities are currently being exploited in the wild. However, it warns that attackers continue to target security holes for which fixes are already available.