The NSA dump recently leaked by Shadow Brokers includes also another Solaris exploit code named EBBISLAND that triggers a vulnerability patched since 2012 in Solaris 10 Update 11.
This is a record security update, it includes in fact 299 fixes to Oracle products, 162 of them are remotely exploitable. 83 security fixes address vulnerabilities in Oracle business-critical applications, including Oracle PeopleSoft, E-Business Suite, JD Edwards, Siebel CRM and the Primavera Products Suite.
Oracle released 8 security fixes for Java, 39 for MySQL and 3 for Oracle Database Server.
Apache Struts 2 is currently used in many Oracle products, including MySQL Enterprise Monitor, Oracle WebCenter Sites, Oracle WebLogic Server, Oracle Communications, Retail and Financial Services applications, and the Siebel E-Billing app.
Oracle fixed 40 critical vulnerabilities, 25 of which rated with a severity score of 10 in the Common Vulnerability Scoring System (CVSS).
The Oracle Critical Patch Update Advisory – April 2017 addresses application for a wide range of industry sectors, including financial services, retail, communications, utilities, and hospitality.