Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple xcode vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2006-1466
Xcode Tools prior to 2.3 for Mac OS X 10.4, when running the WebObjects plugin, allows remote malicious users to access or modify WebObjects projects through a network service.
Apple Xcode
Apple Mac Os X 10.4
294
VMScore
CVE-2015-5910
IDE Xcode Server in Apple Xcode prior to 7.0 does not ensure that server traffic is encrypted, which allows remote malicious users to obtain sensitive information by sniffing the network.
Apple Xcode
NA
CVE-2024-23298
A logic issue was addressed with improved state management.
NA
CVE-2023-32383
This issue was addressed by forcing hardened runtime on the affected binaries at the system level. This issue is fixed in macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. An app may be able to inject code into sensitive binaries bundled with Xcode.
Apple Macos
NA
CVE-2023-40391
The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, macOS Sonoma 14, Xcode 15. An app may be able to disclose kernel memory.
Apple Macos
Apple Iphone Os
Apple Ipados
Apple Tvos
Apple Xcode
NA
CVE-2023-40435
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials.
Apple Xcode
NA
CVE-2023-32396
This issue was addressed with improved checks. This issue is fixed in Xcode 15, tvOS 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to gain elevated privileges.
Apple Macos
Apple Watchos
Apple Iphone Os
Apple Ipados
Apple Tvos
Apple Xcode
NA
CVE-2022-32920
The issue was addressed with improved checks. This issue is fixed in Xcode 14.0. Parsing a file may lead to disclosure of user information.
Apple Xcode
NA
CVE-2023-27945
This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A sandboxed app may be able to collect system logs.
Apple Xcode
NA
CVE-2023-27967
The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
Apple Xcode
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »