The technology giant and Java software maker said in a pre-release announcement today
that four of the patches include fixes for Oracle's flagship database product, which can be exploited remotely without the need for a username or password.
Also, 29 security fixes will arrive for Oracle Fusion Middleware, with 22 of these also allowing attacks without the need for authentication.
Affected components include Oracle HTTP Server, JRockit, WebCenter and WebLogic.
Both Oracle products have a common vulnerability scoring system
(CVSS) rating of 10, described as the most severe vulnerability.
Oracle E-Business Suite contains six new security fixes, Oracle Supply Chain Products Suite has three new security fixes, and Oracle PeopleSoft Products contains 11 new security fixes.