iPhone 14 Pro vs. 13 Pro Cameras Tesla Optimus Robot Best Free VPNs Apple Watch 8 Deals AT&T Hidden Fee Settlement Google Pixel 7 Pro Preview Heating Older Homes National Taco Day
Want CNET to notify you of price drops and the latest stories?
No, thank you
Accept

Oracle to push out 51 patches

Update includes fixes for 27 vulnerabilities in Oracle Database, five of which may be exploited remotely without authentication.

Oracle plans to push out 51 fixes for flaws in its software, in a self-described "critical patch update" on Tuesday.

The flaws affect a number of Oracle products. Some of the vulnerabilities addressed in the update affect multiple products.

The patches include fixes for 27 vulnerabilities in Oracle Database, five of which may be exploited remotely without authentication.

Oracle said it will now use version 2 of the CVSS (Common Vulnerability Scoring System) to rate the severity of flaws. It had previously used CVSS version 1.

The highest-rated Oracle flaw that will be patched has a CVSS version 2 base score of 6.8. Oracle Database's most serious flaw is rated 6.5.

Oracle Application Server faces 11 security fixes. Seven of these vulnerabilities may be remotely exploitable without authentication, Oracle said in a statement.

Oracle E-Business Suite, Oracle Enterprise Manager and Oracle PeopleSoft Enterprise products will also receive fixes.

Tom Espiner of ZDNet UK reported from London.