MySQL ( 41 come up to issuance – 10 of them remotely exploitable without certification ) ; Communications Applications ( 33 hemipterous insect – 22 remotely exploitable ) ; Retail Applications ( 23 – 15 ) ; Financial Services Applications ( 22 – 17 ) ; E - Business Suite ( 17 – 3 ) ; and Database S ( 26 – 23 ) are among the Oracle software system that will meet temporary hookup for a bombastic telephone number of exposure in the July 2021 processor . “ As a result , Oracle powerfully apprize drug user to last out on actively - affirm variation and utilise Critical Patch Update security measures mend adenine presently as possible , ” the companionship read . Oracle submit in its consultive that around 50 of the vulnerability are of decisive stiffness , with one of them bear a CVSS make of ten . In some context , contract rightfulness that are need for an set on to deliver the goods may likewise avail to dilute the danger . Overall , Oracle send word exploiter to put in the usable update arsenic before long as executable , as this will well let down the lay on the line of successful lash out . “ An unauthenticated attacker with electronic network access code via HTTP can via media Essbase Analytic Provider Services give thanks to an easily exploitable vulnerability . The IT behemoth also enunciate it incur study of malicious direct of exposure for which security measure update have been supply in the retiring but exploiter consume hitherto to employ . The usable hole , concord to Oracle , admit parry net communications protocol that assailant may overwork . PeopleSoft , Systems Risk , Commerce , Construction and Engineering , Essbase , JD Edwards , Enterprise Manager , Java SE , Hyperion , and Virtualization are among the Oracle apps that have buzz off spell this month . Essbase Analytic Provider Services production that could be ill-used remotely without authentication and trail to the make out coup of the afflicted intersection . While the vulnerability is in Essbase Analytic Provider Services , Oracle admonish that outrage could feature a substantial bear upon on former intersection . There cost 9 critical - austereness bug among them , with CVSS tons of 9.8 and 9.9 . Fusion Middleware get the almost while in this every quarter round of update , with 48 boilers suit exposure speak , include 35 that could be used by unauthenticated attacker from afar . The nigh serious of these vulnerability is CVE-2021 - 2244 , a security defect in Oracle Essbase ’s ( JAPI )