For the second straight quarter this year, Oracle’s latest critical patch update (CPU) released this week contained more than 400 security patches addressing vulnerabilities in a wide range of the company’s product sets.

With 402 patches, Oracle’s October 2020 CPU was slightly smaller than its previous one in July, which contained a record-breaking 444 security patches. But the October CPU addresses more security vulnerabilities across more products than the previous patch update.

The new CPU addresses 18 vulnerabilities in Oracle’s core database technology. Sixteen of those flaws are remotely exploitable — four without the attacker needing to be authenticated to the system.