Oracle has released its Critical Patch Update for April 2014 to address 104 vulnerabilities across multiple products. This update contains the following security fixes:
2 for Oracle Database Server
20 for Oracle Fusion Middleware
3 for Oracle Hyperion
10 for Oracle Supply Chain Products Suite
8 for Oracle PeopleSoft Products
1 for Oracle Siebel CRM
1 for Oracle iLearning
37 for Oracle Java SE
3 for Oracle and Sun Systems Products Suite
5 for Oracle Virtualization
14 for Oracle MySQL
US-CERT encourages users and administrators to review the April 2014 Critical Patch Update and follow best practice security policies to determine which updates should be applied.
CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2019-19006 Sangoma FreePBX Improper…