Over half of Oracle s flaws in its quarterly patch update can be remotely exploitable without authentication; two have CVSS scores of 10 out of 10. The majority of the flaws are in Oracle Financial Services Applications (53), Oracle MySQL (53) Oracle Communications (52), Oracle Fusion Middleware (46), Oracle Retail Applications (28) and Oracle E-Business Suite (27) Overall, 27 Oracle product families are affected by the flaws. Affected supported versions include 7.1.1, 7.2.0, 72.1 and 7.3.0.
Source: https://threatpost.com/oracle-october-patch-update/160407/