Oracle Patches 72 Critical Vulnerabilities Across a Wide Variety of Products

April 19, 2023

Oracle Patches 72 Critical Vulnerabilities Across a Wide Variety of Products

As part of their quarterly report, Oracle published a critical advisory including a collection of patches for various security vulnerabilities.

These patches address issues in Oracle code as well as third-party components used in Oracle products.

The Vulnerabilities

A total of 433 vulnerabilities have been patched, 72 of which are critical, some of which may allow a malicious attacker to execute remote code (RCE) without authentication.

The full list of vulnerabilities can be seen here.

Affected Products

The vulnerabilities were identified in a wide range of products, falling into the following categories:

  • Oracle GoldenGate
  • Oracle Fusion Middleware
  • Oracle Health Sciences
  • Oracle HealthCare Applications
  • Oracle iLearning
  • Oracle Java SE
  • Oracle JD Edwards
  • Oracle Management Cloud Engine
  • Oracle MySQL
  • NoSQL Database
  • Oracle Analytics
  • Oracle Blockchain Platform
  • Oracle Commerce
  • Oracle Communications Applications
  • Oracle Construction and Engineering Suite
  • Oracle E-Business Suite
  • Oracle GraalVM
  • Oracle Enterprise Applications
  • Oracle Enterprise Manager
  • Oracle Enterprise Performance Management
  • Oracle Financial Services Applications
  • Oracle Hospitality OPERA 5 Property Services
  • Oracle Insurance Applications
  • Oracle SD-WAN Aware
  • Oracle SD-WAN Edge
  • Oracle Supply Chain Products
  • Oracle Utilities Applications
  • Oracle PeopleSoft
  • Oracle Retail Applications
  • Oracle Siebel
  • Oracle Systems
  • Oracle Virtualization
  • Oracle NoSQL Database
  • Oracle Database

Mitigation

CYREBRO recommends to applying the security patches as soon as possible.

References: Oracle Advisory

Sign Up for Updates