Apache Struts 2
The Apache Struts 2 vulnerability may impact you. Proof of concept code has been released on gethub and is actively being discussed in underground forums. No plugins are needed for this exploit. All the attacker needs is put together a url that will give access to the Apache Struts installation.
Discovered by https://www.recordedfuture.com/
Here is a list of potential Oracle products that could be vulnerable. (this list is not exhaustive and I have not had time to validate every entry on this list)
This vulnerability was discovered August 22, 2018, and I have not been able to find a patch for it. Please do your research, if you are using Apache Struts 2, then keep a close eye for the patch, and once the patch is released, install it.