Of these, 26 fixes addressed flaws in the company's database products, including 10 that the company said could be remotely exploited without the need for a username or a password. Oracle typically assigns its highest severity ratings to such flaws.

Tuesday's Critical Patch Update (CPU) from Oracle also contained 12 fixes for vulnerabilities in Oracle's Application Server software, eight of which were rated "critical" because they can be remotely exploited without any user authentication. Also included in the update were three patches for holes -- including one that could be remotely exploited -- in Oracle's PeopleSoft product.

The patches were released as part of Oracle's regularly scheduled quarterly security updates. The last one was in October, when the company across its entire range of products.

Tuesday's update was preceded by a last week detailing the affected products, the number of vulnerabilities fixed, a severity rating score and other information designed to give administrators more time to plan their patching activities.

It's the first time Oracle released such advance information on its patches and is part of a continuing effort by the company to make its security updates easier to understand and to deploy.