# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
50951 |
CVE-2014-6602 |
264 |
|
Bypass |
2014-09-21 |
2017-09-07 |
6.6 |
None |
Local |
Low |
Not required |
Complete |
Complete |
None |
Microsoft Asha OS on the Microsoft Mobile Nokia Asha 501 phone 14.0.4 allows physically proximate attackers to bypass the lock-screen protection mechanism, and read or modify contact information or dial arbitrary telephone numbers, by tapping the SOS Option and then tapping the Green Call Option. |
50952 |
CVE-2014-6601 |
|
|
|
2015-01-21 |
2019-04-22 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. |
50953 |
CVE-2014-6600 |
|
|
|
2015-01-21 |
2016-12-06 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2015-0397. |
50954 |
CVE-2014-6598 |
|
|
|
2015-01-21 |
2016-06-23 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in the Oracle Communications Diameter Signaling Router component in Oracle Communications Applications 3.x, 4.x, and 5.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Signaling - DPI. |
50955 |
CVE-2014-6597 |
|
|
|
2015-01-21 |
2016-06-23 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52, 8.53, and 8.54 allows remote authenticated users to affect integrity via vectors related to PIA Core Technology. |
50956 |
CVE-2014-6596 |
|
|
|
2015-01-21 |
2016-06-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via unknown vectors related to Portal Framework. |
50957 |
CVE-2014-6594 |
|
|
|
2015-01-21 |
2016-06-23 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect confidentiality via unknown vectors related to Learner Pages. |
50958 |
CVE-2014-6593 |
|
|
|
2015-01-21 |
2017-01-02 |
4.0 |
None |
Remote |
High |
Not required |
Partial |
Partial |
None |
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. |
50959 |
CVE-2014-6587 |
|
|
|
2015-01-21 |
2016-12-21 |
4.3 |
None |
Local |
Low |
Single system |
Partial |
Partial |
Partial |
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. |
50960 |
CVE-2014-6586 |
|
|
|
2015-01-21 |
2016-06-23 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Time and Labor. |
50961 |
CVE-2014-6584 |
|
|
|
2015-01-21 |
2016-06-23 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun Systems Products Suite ILOM before 3.2.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Backup Restore. |
50962 |
CVE-2014-6583 |
|
|
|
2015-01-21 |
2016-06-23 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, and 12.1.3. allows remote attackers to affect confidentiality and integrity via unknown vectors related to Audience. |
50963 |
CVE-2014-6582 |
|
|
|
2015-01-21 |
2016-06-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Unspecified vulnerability in the Oracle HCM Configuration Workbench component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Rapid Implementation. |
50964 |
CVE-2014-6581 |
|
|
|
2015-01-21 |
2016-06-23 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Extract/Load Programs. |
50965 |
CVE-2014-6580 |
|
|
|
2015-01-21 |
2016-06-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect integrity via unknown vectors. |
50966 |
CVE-2014-6579 |
|
|
|
2015-01-21 |
2016-06-27 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote authenticated users to affect confidentiality via unknown vectors related to Integration Broker. |
50967 |
CVE-2014-6578 |
|
|
|
2015-01-21 |
2016-11-28 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Unspecified vulnerability in the Workspace Manager component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SDO_TOPO and WMSYS.LT. |
50968 |
CVE-2014-6577 |
|
|
DoS |
2015-01-21 |
2016-11-28 |
6.8 |
None |
Remote |
Low |
Single system |
Complete |
None |
None |
Unspecified vulnerability in the XML Developer's Kit for C component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the original researcher's claim that this is an XML external entity (XXE) vulnerability in the XML parser, which allows attackers to conduct internal port scanning, perform SSRF attacks, or cause a denial of service via a crafted (1) http: or (2) ftp: URI. |
50969 |
CVE-2014-6576 |
|
|
|
2015-01-21 |
2016-06-24 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
Unspecified vulnerability in the Oracle Adaptive Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to OAM Integration. |
50970 |
CVE-2014-6575 |
|
|
|
2015-01-21 |
2016-12-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors related to Network, a different vulnerability than CVE-2004-0230. |
50971 |
CVE-2014-6574 |
|
|
|
2015-01-21 |
2016-06-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 6.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Testing Protocol Library. |
50972 |
CVE-2014-6573 |
|
|
|
2015-01-21 |
2016-06-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 11.1.3 and 12.1.4 allows remote attackers to affect integrity via unknown vectors related to User Interface Framework. |
50973 |
CVE-2014-6572 |
|
|
|
2015-01-21 |
2016-06-24 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors related to List of Values. |
50974 |
CVE-2014-6571 |
|
|
|
2015-01-21 |
2016-06-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web Listener, a different vulnerability than CVE-2011-1944. |
50975 |
CVE-2014-6570 |
|
|
|
2015-01-21 |
2016-12-06 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6600 and CVE-2015-0397. |
50976 |
CVE-2014-6569 |
|
|
|
2015-01-21 |
2016-06-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality via vectors related to CIE Related Components. |
50977 |
CVE-2014-6567 |
|
|
Exec Code Overflow |
2015-01-21 |
2016-11-28 |
9.0 |
None |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the researcher's claim that this is a stack-based buffer overflow in DBMS_AW.EXECUTE, which allows code execution via a long Current Directory Alias (CDA) command. |
50978 |
CVE-2014-6566 |
|
|
|
2015-01-21 |
2016-06-24 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 allows remote authenticated users to affect integrity via unknown vectors related to Portal. |
50979 |
CVE-2014-6565 |
|
|
|
2015-01-21 |
2016-06-24 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1.5 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Portal SEC. |
50980 |
CVE-2014-6564 |
|
|
|
2014-10-15 |
2017-01-02 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML. |
50981 |
CVE-2014-6563 |
|
|
|
2014-10-15 |
2014-10-24 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4294, CVE-2014-4295, and CVE-2014-6538. |
50982 |
CVE-2014-6562 |
|
|
|
2014-10-15 |
2015-02-20 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in Oracle Java SE 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. |
50983 |
CVE-2014-6561 |
|
|
|
2014-10-15 |
2015-11-04 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Unspecified vulnerability in the Oracle Payments component in Oracle E-Business Suite 12.0.4, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Separate Remittance Advice. |
50984 |
CVE-2014-6560 |
|
|
|
2014-10-15 |
2014-10-24 |
9.0 |
None |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2014-6453, CVE-2014-6467, and CVE-2014-6545. |
50985 |
CVE-2014-6559 |
|
|
|
2014-10-15 |
2018-12-18 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING. |
50986 |
CVE-2014-6557 |
|
|
|
2014-10-15 |
2015-11-13 |
4.9 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
None |
Unspecified vulnerability in the Application Performance Management component in Oracle Enterprise Manager Grid Control before 12.1.0.6.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to End User Experience Management. |
50987 |
CVE-2014-6556 |
|
|
|
2015-01-21 |
2016-06-24 |
4.6 |
None |
Remote |
High |
Single system |
Partial |
Partial |
Partial |
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to AD_DDL. |
50988 |
CVE-2014-6555 |
|
|
|
2014-10-15 |
2018-12-18 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML. |
50989 |
CVE-2014-6554 |
|
|
|
2014-10-15 |
2015-11-13 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.1 and 11.1.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Admin Console. |
50990 |
CVE-2014-6553 |
|
|
|
2014-10-15 |
2015-11-10 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5 and 11.1.1.7 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Admin Console. |
50991 |
CVE-2014-6552 |
|
|
|
2014-10-15 |
2015-11-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect integrity via unknown vectors related to Admin Console. |
50992 |
CVE-2014-6550 |
|
|
|
2014-10-15 |
2015-11-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Unspecified vulnerability in the Oracle Applications Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to iHelp. |
50993 |
CVE-2014-6549 |
|
|
|
2015-01-21 |
2016-12-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. |
50994 |
CVE-2014-6548 |
|
|
|
2015-01-21 |
2016-06-24 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 allows local users to affect confidentiality, integrity, and availability via vectors related to B2B Engine. |
50995 |
CVE-2014-6547 |
|
|
|
2014-10-15 |
2016-05-11 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4290, CVE-2014-4291, CVE-2014-4292, CVE-2014-4293, CVE-2014-4296, CVE-2014-4297, CVE-2014-4310, and CVE-2014-6477. |
50996 |
CVE-2014-6546 |
|
|
|
2014-10-15 |
2014-10-24 |
9.0 |
None |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. |
50997 |
CVE-2014-6545 |
|
|
|
2014-10-15 |
2015-11-17 |
9.0 |
None |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2014-6453, CVE-2014-6467, and CVE-2014-6560. |
50998 |
CVE-2014-6542 |
|
|
|
2014-10-15 |
2015-11-09 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4298, CVE-2014-4299, CVE-2014-4300, CVE-2014-6452, and CVE-2014-6454. |
50999 |
CVE-2014-6541 |
|
|
|
2015-01-21 |
2016-11-28 |
6.3 |
None |
Remote |
Medium |
Single system |
Complete |
None |
None |
Unspecified vulnerability in the Recovery component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2, when running on Windows, allows remote authenticated users to affect confidentiality via vectors related to DBMS_IR. |
51000 |
CVE-2014-6539 |
|
|
|
2014-10-15 |
2015-11-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via vectors related to LOV, a different vulnerability than CVE-2014-6472. |