Oracle released its quarterly critical patch update advisory on April 22nd 2021, addressing a total of 391 vulnerabilities on different Oracle products. It is strongly recommended to apply updates as soon as possible to prevent security incidents from happening.

This security update includes fixes for vulnerabilities in a wide variety of products including Oracle Fusion Middleware, Oracle MySQL, Oracle Virtualization and Oracle Database. It is important to note that many of the vulnerabilities addressed in this critical patch update could be exploited remotely without authentication. Remote attackers could leverage these flaws to perform different types of attacks including, but not limited to, denial of service attacks, escalation of privileges, remote command execution, security restrictions bypass, sensitive information disclosure and data manipulation on affected systems.

This is a big collection of different vulnerabilities, most of them remotely exploitable without authentication. The impact an organization could face varies depending on the vulnerability being exploited and it includes, but is not limited to, system compromise, theft of information or denial of service.