
"Some of these have unknown impacts, while others can be exploited to bypass certain security restrictions and conduct SQL injection attacks, cause denial of service, and potentially compromise a vulnerable system," said a Secunia advisory, which rated the vulnerabilities as 'highly critical'.
Oracle has already issued a patch to fix the flaws in its software and has advised users to apply it immediately.
"Due to the threat posed by a successful attack, Oracle strongly recommends that fixes are applied as soon as possible," said Oracle in a security statement. "This Critical Patch Update contains 45 new security fixes across all products."
The problems were discovered in a range of applications, including Oracle Application Express, Application Server, Collaboration Suite, Oracle Database, E-Business Suite, PeopleSoft Enterprise CRM and Oracle Secure Enterprise Search.