Oracle has patched 334 vulnerabilities across all of its product families in its January 2020 quarterly Critical Patch Update (CPU) Out of these, 43 are critical/severe flaws carrying CVSS scores of 9.1 and above. The CPU ties for Oracle s previous all-time high for number of patches issued, in July 2019, which overtook its previous record of 308 in July 2017. The company said in a pre-release announcement that some of the vulnerabilities affect multiple products. Some of these vulnerabilities were remotely exploitable, not requiring any login data; therefore posing an extremely high risk of exposure, said senior security engineer at Synopsys.
Source: https://threatpost.com/oracle-cpu-all-time-patch-high-january/151861/