Oracle issued a Critical Patch Update (CPU) encompassing 301 separate updates spread across the entire Oracle family of products. 28 flaws share the highest-level criticality score 9.8 from the Common Vulnerability Scoring System (CVSS) More than half of the vulnerabilities lie in business-critical applications. Waratek: One-third of the 12 new Java SE bugs carry a severity rating of high or critical; 11 of the. 12 can be remotely exploited, and eight of the. 12 new WebLogic vulnerabilities are critical.”]