Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple xcode vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2017-7136
An issue exists in certain Apple products. Xcode prior to 9 is affected. The issue involves the "ld64" component. It allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file.
Apple Xcode
605
VMScore
CVE-2017-7137
An issue exists in certain Apple products. Xcode prior to 9 is affected. The issue involves the "ld64" component. It allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file.
Apple Xcode
605
VMScore
CVE-2016-7578
An issue exists in certain Apple products. iOS prior to 10.1 is affected. Safari prior to 10.0.1 is affected. iCloud prior to 6.0.1 is affected. iTunes prior to 12.5.2 is affected. tvOS prior to 10.0.1 is affected. The issue involves the "WebKit" component. It allows re...
Apple Safari
Apple Iphone Os
Apple Icloud
Apple Itunes
Apple Tvos
1 Article
578
VMScore
CVE-2019-8840
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 11.3. Compiling with untrusted sources may lead to arbitrary code execution with user privileges.
Apple Xcode
456
VMScore
CVE-2021-21300
Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a c...
Git-scm Git
Git-scm Git 2.27.0
Git-scm Git 2.28.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Apple Xcode
Debian Debian Linux 10.0
8 Github repositories
1 Article
445
VMScore
CVE-2015-7056
IDE SCM in Apple Xcode prior to 7.2 does not recognize .gitignore files, which allows remote malicious users to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern.
Apple Xcode
445
VMScore
CVE-2015-5909
IDE Xcode Server in Apple Xcode prior to 7.0 does not properly restrict access to repository e-mail lists, which allows remote malicious users to obtain potentially sensitive build information in opportunistic circumstances by leveraging incorrect notification delivery.
Apple Xcode
445
VMScore
CVE-2015-3027
Clang in LLVM, as used in Apple Xcode prior to 6.3, performs incorrect register allocation in a way that triggers stack storage for stack cookie pointers, which might allow context-dependent malicious users to bypass a stack-guard protection mechanism via crafted input to an affe...
Apple Xcode
445
VMScore
CVE-2012-3698
Apple Xcode prior to 4.4 does not properly compose a designated requirement (DR) during signing of programs that lack bundle identifiers, which allows remote malicious users to read keychain entries via a crafted app, as demonstrated by the keychain entries of a (1) helper tool o...
Apple Xcode 4.1.1
Apple Xcode 4.0.2
Apple Xcode 4.0.1
Apple Xcode 4.0
Apple Xcode 2.4.0
Apple Xcode 2.3.0
Apple Xcode 1.5.0
Apple Xcode 2.0.0
Apple Xcode
Apple Xcode 4.3.1
Apple Xcode 3.2.4
Apple Xcode 3.2.2
Apple Xcode 3.1.1
Apple Xcode 2.4.1
Apple Xcode 2.1.0
Apple Xcode 4.3.2
Apple Xcode 4.2.1
Apple Xcode 3.2.5
Apple Xcode 3.2.3
Apple Xcode 3.1
Apple Xcode 2.2.0
Apple Xcode 4.2
445
VMScore
CVE-2008-2318
The WOHyperlink implementation in WebObjects in Apple Xcode tools prior to 3.1 appends local session IDs to generated non-local URLs, which allows remote malicious users to obtain potentially sensitive information by reading the requests for these URLs.
Apple Xcode Tools 1.0
Apple Xcode Tools 2.0
Apple Xcode Tools
Apple Xcode Tools 2.3
Apple Xcode Tools 2.4
Apple Xcode Tools 2.1
Apple Xcode Tools 2.2.1
Apple Xcode 1.5
Apple Xcode 2.2
Apple Xcode Tools 2.4.1
Apple Xcode Tools 2.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »