Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple xcode vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2015-7049
otools in Apple Xcode prior to 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7057.
Apple Xcode
3.3
CVSSv2
CVE-2015-5910
IDE Xcode Server in Apple Xcode prior to 7.0 does not ensure that server traffic is encrypted, which allows remote malicious users to obtain sensitive information by sniffing the network.
Apple Xcode
6.8
CVSSv2
CVE-2017-7134
An issue exists in certain Apple products. Xcode prior to 9 is affected. The issue involves the "ld64" component. It allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file.
Apple Xcode
6.8
CVSSv2
CVE-2017-7135
An issue exists in certain Apple products. Xcode prior to 9 is affected. The issue involves the "ld64" component. It allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file.
Apple Xcode
6.8
CVSSv2
CVE-2017-7136
An issue exists in certain Apple products. Xcode prior to 9 is affected. The issue involves the "ld64" component. It allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file.
Apple Xcode
6.8
CVSSv2
CVE-2017-7167
An issue exists in certain Apple products. Xcode prior to 9.2 is affected. The issue involves the "ld64" component. A buffer overflow allows remote malicious users to execute arbitrary code via crafted source code.
Apple Xcode
5
CVSSv2
CVE-2015-5909
IDE Xcode Server in Apple Xcode prior to 7.0 does not properly restrict access to repository e-mail lists, which allows remote malicious users to obtain potentially sensitive build information in opportunistic circumstances by leveraging incorrect notification delivery.
Apple Xcode
NA
CVE-2023-27945
This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A sandboxed app may be able to collect system logs.
Apple Xcode
NA
CVE-2023-27967
The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
Apple Xcode
6.8
CVSSv2
CVE-2017-7137
An issue exists in certain Apple products. Xcode prior to 9 is affected. The issue involves the "ld64" component. It allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file.
Apple Xcode
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »