In the latest quarterly security updates, Oracle has patched 270 Vulnerabilities within it’s product base

http://www.eweek.com/security/oracle-patches-270-vulnerabilities-in-january-update.html

http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html

Oracle is out with its first Critical Patch Update (CPU) for 2017 and it’s a big one. In total, Oracle is patching a staggering 270 different vulnerabilities across its software portfolio, with 121 patches in Oracle’s E-Business Suite alone. In its security advisory for the January 2017 CPU, Oracle strongly recommends that organizations patch quickly.

The largest set of patches in the new CPU are for Oracle’s E-Business suite, which accounted for 42 percent of the entire CPU. Of the 121 security issues in the E-Business suite, 118 are remotely exploitable without the need for a user to enter credentials.  Oracle’s open-source MySQL database is being patched for 27 different security issues, though only 5 of them are remotely exploitable without authentication. The Fusion Middleware suite is being updated for 18 different vulnerabilities, with 16 of the issues being remotely exploitable without user authentication.    Java, which in the past has typically been among the Oracle software components with the most vulnerabilities, is being patched for 17 issues in the January CPU.