Oracle announced on their webpage that the upcoming CPU will fix 46 vulnerabilities. 20 vulnerabilites in the database (including 1 bug in APEX). The APEX vulnerability is already fixed in APEX 3.0.1.
The highest CVSS rating for the 4.8 which is quite high.
Our upcoming vulnerabilities are available on our website.
More details next tuesday.