Oracle Releases Multiple Critical Patches - 20250423001¶
Overview¶
Oracle has published a critical patch advisory that includes 378 patches across multiple products. Oracle has stated that they are aware of actors successfully exploiting known vulnerabilities in their products.
What is vulnerable?¶
Please review the Oracle Critical Patch Update Advisory - April 2025 for details regarding the vulnerabilities and affected products.
Critical Severity¶
| CVE | CVSS |
|---|---|
| CVE-2025-30727 | 9.8 |
| CVE-2025-24813 | 9.8 |
| CVE-2025-1974 | 9.8 |
| CVE-2024-56337 | 9.8 |
| CVE-2024-5535 | 9.1 |
| CVE-2024-52316 | 9.8 |
| CVE-2024-52046 | 9.8 |
| CVE-2024-47561 | 9.8 |
| CVE-2024-40896 | 9.1 |
| CVE-2024-38476 | 9.8 |
| CVE-2024-23807 | 9.8 |
| CVE-2024-11053 | 9.1 |
| CVE-2022-45047 | 9.8 |
| CVE-2022-34381 | 9.8 |
| CVE-2021-23450 | 9.8 |
What has been observed?¶
The WA SOC has not received any reports of exploitation of this vulnerability on Western Australian Government networks at the time of writing.
Recommendation¶
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe as shown in Patch Management: