Apple

XCode

89 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2022-22601

  • EPSS 0.44%
  • Published 18.03.2022 18:15:13
  • Last modified 21.11.2024 06:47:06

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.

10

CVE-2021-44228

Warning Exploit
  • EPSS 94.36%
  • Published 10.12.2021 10:15:09
  • Last modified 08.08.2025 18:52:00

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An atta...

5.5

CVE-2021-1800

  • EPSS 0.2%
  • Published 02.04.2021 19:15:19
  • Last modified 21.11.2024 05:45:08

A path handling issue was addressed with improved validation. This issue is fixed in Xcode 12.4. A malicious application may be able to access arbitrary files on the host device while running an app that uses on-demand resources with Xcode.

7.5

CVE-2021-21300

Exploit
  • EPSS 74.69%
  • Published 09.03.2021 20:15:13
  • Last modified 21.11.2024 05:47:58

Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be e...

8.8

CVE-2019-8840

  • EPSS 0.98%
  • Published 27.10.2020 20:15:21
  • Last modified 21.11.2024 04:50:34

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 11.3. Compiling with untrusted sources may lead to arbitrary code execution with user privileges.

9.3

CVE-2020-9992

  • EPSS 3.96%
  • Published 16.10.2020 17:15:18
  • Last modified 21.11.2024 05:41:39

This issue was addressed by encrypting communications over the network to devices running iOS 14, iPadOS 14, tvOS 14, and watchOS 7. This issue is fixed in iOS 14.0 and iPadOS 14.0, Xcode 12.0. An attacker in a privileged network position may be able...

9.8

CVE-2014-9390

  • EPSS 53.35%
  • Published 12.02.2020 02:15:10
  • Last modified 21.11.2024 02:20:45

Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all ve...

5.3

CVE-2019-20372

Exploit
  • EPSS 67.67%
  • Published 09.01.2020 21:15:12
  • Last modified 21.11.2024 04:38:19

NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

7.8

CVE-2019-8806

  • EPSS 0.34%
  • Published 18.12.2019 18:15:43
  • Last modified 21.11.2024 04:50:30

A memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution.

7.8

CVE-2019-8800

  • EPSS 0.34%
  • Published 18.12.2019 18:15:42
  • Last modified 21.11.2024 04:50:29

A memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution.