Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple xcode vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-3027
Clang in LLVM, as used in Apple Xcode prior to 6.3, performs incorrect register allocation in a way that triggers stack storage for stack cookie pointers, which might allow context-dependent malicious users to bypass a stack-guard protection mechanism via crafted input to an affe...
Apple Xcode
NA
CVE-2015-1149
Integer overflow in the simulator in Swift in Apple Xcode prior to 6.3 allows context-dependent malicious users to cause a denial of service or possibly have unspecified other impact by triggering an incorrect result of a type conversion.
Apple Xcode
NA
CVE-2014-6394
visionmedia send prior to 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote malicious users to access restricted directories, as demonstrated using "public-restricted" under a "public"...
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Apple Xcode 7.0
Joyent Node.js
Joyent Node.js 0.8.2
Joyent Node.js 0.8.1
Joyent Node.js 0.8.0
1 Github repository
6.1
CVSSv3
CVE-2014-4406
Cross-site scripting (XSS) vulnerability in Xcode Server in CoreCollaboration in Apple OS X Server prior to 3.2.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Apple Os X Server 2.1.1
Apple Os X Server 2.1
Apple Os X Server
Apple Os X Server 2.0
Apple Os X Server 3.0
Apple Os X Server 3.0.1
Apple Os X Server 2.2.2
Apple Os X Server 3.0.2
Apple Os X Server 3.0.3
Apple Os X Server 2.2.1
Apple Os X Server 2.2
Apple Os X Server 3.1
Apple Os X Server 3.1.1
NA
CVE-2014-3522
The Serf RA layer in Apache Subversion 1.4.0 up to and including 1.7.x prior to 1.7.18 and 1.8.x prior to 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof se...
Apache Subversion 1.7.17
Apache Subversion 1.8.7
Apache Subversion 1.8.5
Apache Subversion 1.8.6
Apache Subversion 1.7.13
Apache Subversion 1.7.14
Apache Subversion 1.7.7
Apache Subversion 1.7.8
Apache Subversion 1.6.14
Apache Subversion 1.6.15
Apache Subversion 1.6.21
Apache Subversion 1.6.23
Apache Subversion 1.6.9
Apache Subversion 1.5.0
Apache Subversion 1.5.8
Apache Subversion 1.4.0
Apache Subversion 1.8.2
Apache Subversion 1.8.3
Apache Subversion 1.8.4
Apache Subversion 1.7.11
Apache Subversion 1.7.12
Apache Subversion 1.7.5
NA
CVE-2012-3698
Apple Xcode prior to 4.4 does not properly compose a designated requirement (DR) during signing of programs that lack bundle identifiers, which allows remote malicious users to read keychain entries via a crafted app, as demonstrated by the keychain entries of a (1) helper tool o...
Apple Xcode 4.1.1
Apple Xcode 4.0.2
Apple Xcode 4.0.1
Apple Xcode 4.0
Apple Xcode 2.4.0
Apple Xcode 2.3.0
Apple Xcode 1.5.0
Apple Xcode 2.0.0
Apple Xcode
Apple Xcode 4.3.1
Apple Xcode 3.2.4
Apple Xcode 3.2.2
Apple Xcode 3.1.1
Apple Xcode 2.4.1
Apple Xcode 2.1.0
Apple Xcode 4.3.2
Apple Xcode 4.2.1
Apple Xcode 3.2.5
Apple Xcode 3.2.3
Apple Xcode 3.1
Apple Xcode 2.2.0
Apple Xcode 4.2
NA
CVE-2011-3230
Apple Safari prior to 5.1.1 on Mac OS X does not enforce an intended policy for file: URLs, which allows remote malicious users to execute arbitrary code via a crafted web site.
Apple Safari
Apple Safari 5.0.6
Apple Safari 4.1.2
Apple Safari 4.1.1
Apple Safari 4.1
Apple Safari 4.0.0b
Apple Safari 4.0
Apple Safari 3.1.2b
Apple Safari 3.1.2
Apple Safari 3.0.4b
Apple Safari 3.0.4
Apple Safari 3.0.2b
Apple Safari 3.0.2
Apple Safari 3.0.0b
Apple Safari 2.0.3
Apple Safari 2
Apple Safari 1.3.2
Apple Safari 1.2.4
Apple Safari 1.2.3
Apple Safari 1.0b1
Apple Safari 1.0
Apple Safari 1.0.0b2
1 EDB exploit
NA
CVE-2008-2304
Buffer overflow in Apple Core Image Fun House 2.0 and previous versions in CoreImage Examples in Xcode tools prior to 3.1 allows user-assisted malicious users to execute arbitrary code or cause a denial of service (application crash) via a .funhouse file with a string XML element...
Apple Core Image Fun House
1 EDB exploit
NA
CVE-2008-2318
The WOHyperlink implementation in WebObjects in Apple Xcode tools prior to 3.1 appends local session IDs to generated non-local URLs, which allows remote malicious users to obtain potentially sensitive information by reading the requests for these URLs.
Apple Xcode Tools 1.0
Apple Xcode Tools 2.0
Apple Xcode Tools
Apple Xcode Tools 2.3
Apple Xcode Tools 2.4
Apple Xcode Tools 2.1
Apple Xcode Tools 2.2.1
Apple Xcode 1.5
Apple Xcode 2.2
Apple Xcode Tools 2.4.1
Apple Xcode Tools 2.5
NA
CVE-2006-5327
Untrusted search path vulnerability in OpenBase SQL 10.0 and previous versions, as used in Apple Xcode 2.2 2.2 and previous versions and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, which is ex...
Openbase International Ltd Openbase 7.0.15
Openbase International Ltd Openbase
Openbase International Ltd Openbase 9.1.5
Openbase International Ltd Openbase 8.0.4
Apple Xcode
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »