Security exposures updating websites
Oracle will not provide advance notification or "insider information" on Critical Patch Update or Security Alerts to individual customers.Finally, Oracle does not develop or distribute active exploit code (or "proof of concept code") for vulnerabilities in our products.
The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge.
An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user.
Security advisories (ELSA) are published at https://linux.oracle.com/security/.
Starting October 20, 2015, Oracle will also publish Oracle Linux Bulletins which list all CVEs that had been resolved and announced in Oracle Linux Security Advisories in the last one month prior to the release of the bulletin.
The Security Alerts released since 2014 are listed in the following table.