Oracle have released their announcement for the April 2012 "Critical Patch Update", to be issued next Tuesday (Apr 17).

Several of the patch descriptions in the announcement are accompanied by the ominous words "may be exploited over a network without the need for a username and password". Sounds like next Tuesday will be busy for administrators of Oracle databases and middleware products.