Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple xcode vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-27967
The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
Apple Xcode
605
VMScore
CVE-2022-26747
This issue was addressed with improved checks. This issue is fixed in Xcode 13.4. An app may be able to gain elevated privileges.
Apple Xcode
445
VMScore
CVE-2015-5909
IDE Xcode Server in Apple Xcode prior to 7.0 does not properly restrict access to repository e-mail lists, which allows remote malicious users to obtain potentially sensitive build information in opportunistic circumstances by leveraging incorrect notification delivery.
Apple Xcode
605
VMScore
CVE-2017-7135
An issue exists in certain Apple products. Xcode prior to 9 is affected. The issue involves the "ld64" component. It allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file.
Apple Xcode
605
VMScore
CVE-2017-7167
An issue exists in certain Apple products. Xcode prior to 9.2 is affected. The issue involves the "ld64" component. A buffer overflow allows remote malicious users to execute arbitrary code via crafted source code.
Apple Xcode
NA
CVE-2022-42797
An injection issue was addressed with improved input validation. This issue is fixed in Xcode 14.1. An app may be able to gain root privileges.
Apple Xcode
605
VMScore
CVE-2019-8739
A memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution.
Apple Xcode
NA
CVE-2022-32920
The issue was addressed with improved checks. This issue is fixed in Xcode 14.0. Parsing a file may lead to disclosure of user information.
Apple Xcode
NA
CVE-2023-40435
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials.
Apple Xcode
445
VMScore
CVE-2015-7056
IDE SCM in Apple Xcode prior to 7.2 does not recognize .gitignore files, which allows remote malicious users to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern.
Apple Xcode
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »