Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple xcode vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-8840
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 11.3. Compiling with untrusted sources may lead to arbitrary code execution with user privileges.
Apple Xcode
8.8
CVSSv3
CVE-2019-8722
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.
Apple Xcode
8.8
CVSSv3
CVE-2019-8723
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.
Apple Xcode
5.5
CVSSv3
CVE-2023-40435
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials.
Apple Xcode
NA
CVE-2015-3027
Clang in LLVM, as used in Apple Xcode prior to 6.3, performs incorrect register allocation in a way that triggers stack storage for stack cookie pointers, which might allow context-dependent malicious users to bypass a stack-guard protection mechanism via crafted input to an affe...
Apple Xcode
7.8
CVSSv3
CVE-2022-26747
This issue was addressed with improved checks. This issue is fixed in Xcode 13.4. An app may be able to gain elevated privileges.
Apple Xcode
7.8
CVSSv3
CVE-2022-42797
An injection issue was addressed with improved input validation. This issue is fixed in Xcode 14.1. An app may be able to gain root privileges.
Apple Xcode
NA
CVE-2015-7049
otools in Apple Xcode prior to 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7057.
Apple Xcode
NA
CVE-2015-7056
IDE SCM in Apple Xcode prior to 7.2 does not recognize .gitignore files, which allows remote malicious users to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern.
Apple Xcode
6.3
CVSSv3
CVE-2023-27945
This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A sandboxed app may be able to collect system logs.
Apple Xcode
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »