Oracle has released their critical updates list. Looking through it there is a very wide range of products, including java that require a fix. Oracle "strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay."
There are quite a few remotely exploitable, no auth required issues that are addressed by these patches. You may want to peruse the list to see if some of your products are affected.
More info here --> http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
Apr 20th 2016
2 years ago