Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple xcode vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-5909
IDE Xcode Server in Apple Xcode prior to 7.0 does not properly restrict access to repository e-mail lists, which allows remote malicious users to obtain potentially sensitive build information in opportunistic circumstances by leveraging incorrect notification delivery.
Apple Xcode
NA
CVE-2015-5910
IDE Xcode Server in Apple Xcode prior to 7.0 does not ensure that server traffic is encrypted, which allows remote malicious users to obtain sensitive information by sniffing the network.
Apple Xcode
7.8
CVSSv3
CVE-2022-42797
An injection issue was addressed with improved input validation. This issue is fixed in Xcode 14.1. An app may be able to gain root privileges.
Apple Xcode
NA
CVE-2015-3027
Clang in LLVM, as used in Apple Xcode prior to 6.3, performs incorrect register allocation in a way that triggers stack storage for stack cookie pointers, which might allow context-dependent malicious users to bypass a stack-guard protection mechanism via crafted input to an affe...
Apple Xcode
5.5
CVSSv3
CVE-2023-40435
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials.
Apple Xcode
8.8
CVSSv3
CVE-2019-8722
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.
Apple Xcode
5.5
CVSSv3
CVE-2021-1800
A path handling issue was addressed with improved validation. This issue is fixed in Xcode 12.4. A malicious application may be able to access arbitrary files on the host device while running an app that uses on-demand resources with Xcode.
Apple Xcode
1 Article
7.8
CVSSv3
CVE-2018-4357
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to Xcode 10.
Apple Xcode
7.8
CVSSv3
CVE-2016-4704
otool in Apple Xcode prior to 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4705.
Apple Xcode
6.3
CVSSv3
CVE-2023-27945
This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A sandboxed app may be able to collect system logs.
Apple Xcode
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »