Researcher announces Oracle bug week
Published: 2006-11-22

First, there was the Month of Browser Bugs, followed by the Month of Kernel Bugs. Now, there will likely be a Week of Oracle Database Bugs, if one security researcher has his way.

This week, security researcher Cesar Cerrudo announced that he would release information on seven undisclosed security flaws in Oracle's database software over a week in December. The project will be the first bug-a-day initiative to focus exclusively on one software maker. Cerrudo--the founder and CEO of Argeniss Information Security of Buenos Aires, Argentina--is targeting Oracle because he claims the company has not improved its handling of security issues.

"We have 0-days (vulnerabilities) for all database software vendors but Oracle is 'The #1 Star' when talking about lots of unpatched vulnerabilities and not caring about security," Cerrudo stated in his announcement.

While the bug-a-day projects were born of researchers' discontent with software makers' handling of security issues, Oracle's security policies have frequently been the object of criticism. Two security firms that focus on database security--Red Database and Next-Generation Security Software--have both criticized Oracle for the amount of time the company takes to fix software issues.

The Week of Oracle Database Bugs could last longer than a week depending on whether other researchers send in their own security flaws, Cerrudo said.



Posted by: Robert Lemos
Copyright 2009, SecurityFocus