Apple

XCode

89 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2022-22601

  • EPSS 0.44%
  • Veröffentlicht 18.03.2022 18:15:13
  • Zuletzt bearbeitet 21.11.2024 06:47:06

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.

10

CVE-2021-44228

Warnung Exploit
  • EPSS 94.36%
  • Veröffentlicht 10.12.2021 10:15:09
  • Zuletzt bearbeitet 08.08.2025 18:52:00

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An atta...

5.5

CVE-2021-1800

  • EPSS 0.2%
  • Veröffentlicht 02.04.2021 19:15:19
  • Zuletzt bearbeitet 21.11.2024 05:45:08

A path handling issue was addressed with improved validation. This issue is fixed in Xcode 12.4. A malicious application may be able to access arbitrary files on the host device while running an app that uses on-demand resources with Xcode.

7.5

CVE-2021-21300

Exploit
  • EPSS 74.69%
  • Veröffentlicht 09.03.2021 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:47:58

Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be e...

8.8

CVE-2019-8840

  • EPSS 0.98%
  • Veröffentlicht 27.10.2020 20:15:21
  • Zuletzt bearbeitet 21.11.2024 04:50:34

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 11.3. Compiling with untrusted sources may lead to arbitrary code execution with user privileges.

9.3

CVE-2020-9992

  • EPSS 3.96%
  • Veröffentlicht 16.10.2020 17:15:18
  • Zuletzt bearbeitet 21.11.2024 05:41:39

This issue was addressed by encrypting communications over the network to devices running iOS 14, iPadOS 14, tvOS 14, and watchOS 7. This issue is fixed in iOS 14.0 and iPadOS 14.0, Xcode 12.0. An attacker in a privileged network position may be able...

9.8

CVE-2014-9390

  • EPSS 53.35%
  • Veröffentlicht 12.02.2020 02:15:10
  • Zuletzt bearbeitet 21.11.2024 02:20:45

Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all ve...

5.3

CVE-2019-20372

Exploit
  • EPSS 67.67%
  • Veröffentlicht 09.01.2020 21:15:12
  • Zuletzt bearbeitet 21.11.2024 04:38:19

NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

7.8

CVE-2019-8806

  • EPSS 0.34%
  • Veröffentlicht 18.12.2019 18:15:43
  • Zuletzt bearbeitet 21.11.2024 04:50:30

A memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution.

7.8

CVE-2019-8800

  • EPSS 0.34%
  • Veröffentlicht 18.12.2019 18:15:42
  • Zuletzt bearbeitet 21.11.2024 04:50:29

A memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution.