Oracle plans to release 46 security patches next week as part of its quarterly update cycle.
The updates cover unspecified flaws in products including Oracle Database, Application Server, and E-Business Suite, among others. Some of the patches due to be released on Tuesday, 17 July, cover bugs in multiple products.
Twenty of the planned security updates include fixes for versions of Oracle's database, two of which might be remotely exploited without requiring login credentials.
Six of the 14 flaws in Oracle's E-Business Suite might also be remotely exploited by hackers. Three of four bugs in Oracle's Application Server carry the same risk, Oracle warns in its pre-release announcement here.
Last year, Oracle began rating the severity of bugs in its applications according to the Common Vulnerability Scoring System (CVSS), an industry-wide initiative designed to standardise vulnerability ratings.
Oracle rates the worst of this quarter's patch batch (two bugs affecting Oracle PeopleSoft Enterprise) at 4.8. The last edition of Oracle's quarterly patch release featured 36 security fixes compared to the 51 security updates Oracle issued in January. ®