Bumper crop of Oracle vulnerabilities landing tomorrow
Oracle are about to release their usual quarterly critical patch update (17th April) and apparently it includes some with very high CVSS risk scores in stuff like Java, where vulnerabilities can be anonymously exploited remotely over a network. Sounds like any unlucky folks with internet facing Oracle servers might want to consider testing and deploying these patches sooner rather than later. Link for more info -
https://www.oracle.com/technetwork/topics/security/alerts-086861.html#CriticalPatchUpdates