322 new fixes released by Oracle last week

Last week, Oracle released seven new fixes for the Oracle database server, which was earlier stated in its pre-release announcement.

“While this Pre-Release Announcement is as accurate as possible at the time of publication, the information it contains may change before the publication of the Critical Patch Update Advisory,” Oracle wrote.

The Critical Patch Update is a collection of patches for multiple security vulnerabilities, and last week 322 new fixes were addressed. Six of the security vulnerabilities were reportedly discovered by the Onapsis Research Labs team.

"Some of the vulnerabilities addressed in this Critical Patch Update affect multiple products. Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible," the announcement stated.

Two of the six different patches that were originally reported by the Onapsis Research Lab team addressed "critical vulnerabilities in the Oracle E-Business Suite (EBS), which has been deeply researched by Onapsis in the last few years,” researchers wrote. “Successfully exploiting these vulnerabilities may allow an attacker three critical scenarios compromising the integrity and availability of EBS: remote code execution in the server, remote code execution in the client and a Denial of Service.”