IDCVSSSummaryLast (major) updatePublished
CVE-2015-3184 5.0
mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name.
01-07-2017 - 01:29 12-08-2015 - 14:59
CVE-2015-3187 4.0
The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node tha
01-07-2017 - 01:29 12-08-2015 - 14:59
CVE-2006-1466 4.0
Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects plugin, allows remote attackers to access or modify WebObjects projects through a network service.
20-07-2017 - 01:30 24-05-2006 - 01:02
CVE-2015-1149 7.5
Integer overflow in the simulator in Swift in Apple Xcode before 6.3 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact by triggering an incorrect result of a type conversion.
11-09-2015 - 17:58 10-04-2015 - 14:59
CVE-2015-3027 5.0
Clang in LLVM, as used in Apple Xcode before 6.3, performs incorrect register allocation in a way that triggers stack storage for stack cookie pointers, which might allow context-dependent attackers to bypass a stack-guard protection mechanism via cr
03-12-2016 - 03:07 10-04-2015 - 15:00
CVE-2006-5327 7.2
Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, w
13-08-2018 - 21:47 17-10-2006 - 21:07
CVE-2006-5328 7.2
OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to create arbitrary files via a symlink attack on the simulation.sql file.
13-08-2018 - 21:47 17-10-2006 - 21:07
CVE-2012-3698 5.0
Apple Xcode before 4.4 does not properly compose a designated requirement (DR) during signing of programs that lack bundle identifiers, which allows remote attackers to read keychain entries via a crafted app, as demonstrated by the keychain entries
31-07-2012 - 04:00 26-07-2012 - 19:55
CVE-2015-5909 5.0
IDE Xcode Server in Apple Xcode before 7.0 does not properly restrict access to repository e-mail lists, which allows remote attackers to obtain potentially sensitive build information in opportunistic circumstances by leveraging incorrect notificati
22-12-2016 - 03:00 18-09-2015 - 12:00
CVE-2016-1765 4.6
otool in Apple Xcode before 7.3 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors.
03-12-2016 - 03:22 24-03-2016 - 01:59
CVE-2015-5910 3.3
IDE Xcode Server in Apple Xcode before 7.0 does not ensure that server traffic is encrypted, which allows remote attackers to obtain sensitive information by sniffing the network.
22-12-2016 - 03:00 18-09-2015 - 12:00
CVE-2016-4704 7.2
otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4705.
13-08-2017 - 01:29 18-09-2016 - 22:59
CVE-2015-7049 4.6
otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7057.
07-12-2016 - 18:22 11-12-2015 - 11:59
CVE-2015-7056 5.0
IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern.
07-12-2016 - 18:22 11-12-2015 - 11:59
CVE-2016-4705 7.2
otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4704.
13-08-2017 - 01:29 18-09-2016 - 22:59
CVE-2014-9390 7.5
Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all ve
09-09-2020 - 18:15 12-02-2020 - 02:15
CVE-2015-7057 4.6
otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7049.
07-12-2016 - 18:22 11-12-2015 - 11:59
CVE-2015-7030 7.5
The Swift implementation in Apple Xcode before 7.1 mishandles type conversion, which has unspecified impact and attack vectors.
24-12-2016 - 02:59 23-10-2015 - 10:59
CVE-2017-7137 6.8
An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a
27-10-2017 - 13:49 23-10-2017 - 01:29
CVE-2019-8739 6.8
A memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution.
30-12-2019 - 21:08 18-12-2019 - 18:15
CVE-2019-8721 9.3
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.
23-12-2019 - 19:06 18-12-2019 - 18:15
CVE-2018-4164 10.0
An issue was discovered in certain Apple products. Xcode before 9.3 is affected. The issue, which is unspecified, involves the "LLVM" component.
04-05-2018 - 14:41 03-04-2018 - 06:29
CVE-2019-8800 6.8
A memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution.
30-12-2019 - 17:19 18-12-2019 - 18:15
CVE-2019-8723 9.3
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.
22-12-2019 - 16:16 18-12-2019 - 18:15
CVE-2019-8806 6.8
A memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution.
30-12-2019 - 17:19 18-12-2019 - 18:15
CVE-2019-8738 6.8
A memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution.
30-12-2019 - 21:06 18-12-2019 - 18:15
CVE-2017-7136 6.8
An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a
27-10-2017 - 13:53 23-10-2017 - 01:29
CVE-2017-7167 6.8
An issue was discovered in certain Apple products. Xcode before 9.2 is affected. The issue involves the "ld64" component. A buffer overflow allows remote attackers to execute arbitrary code via crafted source code.
04-05-2018 - 13:06 03-04-2018 - 06:29
CVE-2019-8722 9.3
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.
23-12-2019 - 19:00 18-12-2019 - 18:15
CVE-2018-4357 9.3
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to Xcode 10.
05-04-2019 - 16:13 03-04-2019 - 18:29
CVE-2017-7135 6.8
An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a
27-10-2017 - 13:53 23-10-2017 - 01:29
CVE-2019-3855 9.3
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system wh
15-10-2020 - 13:42 21-03-2019 - 21:29
CVE-2017-7134 6.8
An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a
27-10-2017 - 13:52 23-10-2017 - 01:29
CVE-2019-8724 9.3
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.
22-12-2019 - 16:08 18-12-2019 - 18:15
CVE-2020-9992 9.3
This issue was addressed by encrypting communications over the network to devices running iOS 14, iPadOS 14, tvOS 14, and watchOS 7. This issue is fixed in iOS 14.0 and iPadOS 14.0, Xcode 12.0. An attacker in a privileged network position may be able
20-10-2020 - 15:44 16-10-2020 - 17:15
Back to Top Mark selected
Back to Top