Apple

XCode

89 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2019-8739

  • EPSS 0.42%
  • Published 18.12.2019 18:15:38
  • Last modified 21.11.2024 04:50:23

A memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution.

7.8

CVE-2019-8738

  • EPSS 0.42%
  • Published 18.12.2019 18:15:37
  • Last modified 21.11.2024 04:50:23

A memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution.

9.3

CVE-2019-8724

  • EPSS 0.46%
  • Published 18.12.2019 18:15:37
  • Last modified 21.11.2024 04:50:21

Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.

9.3

CVE-2019-8722

  • EPSS 0.6%
  • Published 18.12.2019 18:15:36
  • Last modified 21.11.2024 04:50:21

Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.

9.3

CVE-2019-8723

  • EPSS 0.46%
  • Published 18.12.2019 18:15:36
  • Last modified 21.11.2024 04:50:21

Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.

9.3

CVE-2019-8721

  • EPSS 0.6%
  • Published 18.12.2019 18:15:36
  • Last modified 21.11.2024 04:50:21

Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.

9.8

CVE-2019-14379

  • EPSS 1.46%
  • Published 29.07.2019 12:15:16
  • Last modified 21.11.2024 04:26:37

SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.

9.3

CVE-2018-4357

  • EPSS 0.17%
  • Published 03.04.2019 18:29:09
  • Last modified 21.11.2024 04:07:15

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to Xcode 10.

9.3

CVE-2019-3855

  • EPSS 8.94%
  • Published 21.03.2019 21:29:00
  • Last modified 21.11.2024 04:42:43

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system wh...

6.1

CVE-2018-16845

  • EPSS 4.03%
  • Published 07.11.2018 14:29:00
  • Last modified 21.11.2024 03:53:25

nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using ...