Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple xcode vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-8800
A memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution.
Apple Xcode
8.8
CVSSv3
CVE-2019-8840
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 11.3. Compiling with untrusted sources may lead to arbitrary code execution with user privileges.
Apple Xcode
5.5
CVSSv3
CVE-2022-32920
The issue was addressed with improved checks. This issue is fixed in Xcode 14.0. Parsing a file may lead to disclosure of user information.
Apple Xcode
7.8
CVSSv3
CVE-2019-8806
A memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution.
Apple Xcode
NA
CVE-2015-7030
The Swift implementation in Apple Xcode prior to 7.1 mishandles type conversion, which has unspecified impact and attack vectors.
Apple Xcode
NA
CVE-2015-7049
otools in Apple Xcode prior to 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7057.
Apple Xcode
NA
CVE-2015-7056
IDE SCM in Apple Xcode prior to 7.2 does not recognize .gitignore files, which allows remote malicious users to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern.
Apple Xcode
6.3
CVSSv3
CVE-2023-27945
This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A sandboxed app may be able to collect system logs.
Apple Xcode
8.6
CVSSv3
CVE-2023-27967
The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
Apple Xcode
NA
CVE-2015-1149
Integer overflow in the simulator in Swift in Apple Xcode prior to 6.3 allows context-dependent malicious users to cause a denial of service or possibly have unspecified other impact by triggering an incorrect result of a type conversion.
Apple Xcode
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »