Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple xcode vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2016-1765
otool in Apple Xcode prior to 7.3 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors.
Apple Xcode
4.6
CVSSv2
CVE-2015-7049
otools in Apple Xcode prior to 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7057.
Apple Xcode
4.6
CVSSv2
CVE-2015-7057
otools in Apple Xcode prior to 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7049.
Apple Xcode
4.3
CVSSv2
CVE-2021-1800
A path handling issue was addressed with improved validation. This issue is fixed in Xcode 12.4. A malicious application may be able to access arbitrary files on the host device while running an app that uses on-demand resources with Xcode.
Apple Xcode
1 Article
4.3
CVSSv2
CVE-2019-20372
NGINX prior to 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an malicious user to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.
F5 Nginx
Apple Xcode
Canonical Ubuntu Linux 14.04
Opensuse Leap 15.1
Netapp Cloud Backup -
4 Github repositories
4.3
CVSSv2
CVE-2016-4613
An issue exists in certain Apple products. Safari prior to 10.0.1 is affected. iCloud prior to 6.0.1 is affected. iTunes prior to 12.5.2 is affected. tvOS prior to 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote malicious users to obtain ...
Apple Safari
Apple Icloud
Apple Itunes
Apple Apple Tv 10.0.0
1 Article
4.3
CVSSv2
CVE-2014-4406
Cross-site scripting (XSS) vulnerability in Xcode Server in CoreCollaboration in Apple OS X Server prior to 3.2.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Apple Os X Server 2.1.1
Apple Os X Server 2.1
Apple Os X Server
Apple Os X Server 2.0
Apple Os X Server 3.0
Apple Os X Server 3.0.1
Apple Os X Server 2.2.2
Apple Os X Server 3.0.2
Apple Os X Server 3.0.3
Apple Os X Server 2.2.1
Apple Os X Server 2.2
Apple Os X Server 3.1
Apple Os X Server 3.1.1
4
CVSSv2
CVE-2014-3522
The Serf RA layer in Apache Subversion 1.4.0 up to and including 1.7.x prior to 1.7.18 and 1.8.x prior to 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof se...
Apache Subversion 1.7.17
Apache Subversion 1.8.7
Apache Subversion 1.8.5
Apache Subversion 1.8.6
Apache Subversion 1.7.13
Apache Subversion 1.7.14
Apache Subversion 1.7.7
Apache Subversion 1.7.8
Apache Subversion 1.6.14
Apache Subversion 1.6.15
Apache Subversion 1.6.21
Apache Subversion 1.6.23
Apache Subversion 1.6.9
Apache Subversion 1.5.0
Apache Subversion 1.5.8
Apache Subversion 1.4.0
Apache Subversion 1.8.2
Apache Subversion 1.8.3
Apache Subversion 1.8.4
Apache Subversion 1.7.11
Apache Subversion 1.7.12
Apache Subversion 1.7.5
4
CVSSv2
CVE-2006-1466
Xcode Tools prior to 2.3 for Mac OS X 10.4, when running the WebObjects plugin, allows remote malicious users to access or modify WebObjects projects through a network service.
Apple Xcode
Apple Mac Os X 10.4
3.3
CVSSv2
CVE-2015-5910
IDE Xcode Server in Apple Xcode prior to 7.0 does not ensure that server traffic is encrypted, which allows remote malicious users to obtain sensitive information by sniffing the network.
Apple Xcode
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »