Integer overflow

Integer overflow in the simulator in Swift in Apple Xcode before 6.3 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact by triggering an incorrect result of a type conversion...

CVE-2015-1149

Integer overflow in the simulator in Swift in Apple Xcode before 6.3 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact by triggering an incorrect result of a type conversion...

CVE-2015-1149

CVE-2015-1149 affects the Swift simulator in Apple Xcode prior to 6.3. The issue is an integer overflow during type-conversion in the Swift simulator, which can cause conversions to return unexpected values and enable a denial-of-service or related unspecified impact. Affected product: Xcode and ...

CVE-2015-3027

Clang in LLVM, as used in Apple Xcode before 6.3, performs incorrect register allocation in a way that triggers stack storage for stack cookie pointers, which might allow context-dependent attackers to bypass a stack-guard protection mechanism via crafted input to an affected C program...

CVE-2015-3027

CVE-2015-3027 concerns Clang in LLVM as used in Apple Xcode prior to 6.3, where incorrect register allocation triggers stack storage for stack-cookie pointers. This behavior can allow context-dependent attackers to bypass the stack-guard protection mechanism in an affected C program. The provided...

Apple Xcode < 6.3 (Mac OS X)

The version of Apple Xcode installed on the remote Mac OS X host is prior to 6.3. It is, therefore, affected by the multiple vulnerabilities : - A stack allocation issue in Clang allows an attacker to bypass stack guards. BID 73987 - An integer overflow issue in the Swift simulator leads to...

Apple Xcode < 6.2 (Mac OS X)

The Apple Xcode installed on the remote Mac OS X host is prior to version 6.2. It is, therefore, affected by the following vulnerabilities : - Numerous errors exist related to the bundled version of Apache Subversion. CVE-2014-3522, CVE-2014-3528, CVE-2014-3580, CVE-2014-8108 - An error exists...

CIA Has Been Hacking iPhone and iPad Encryption Security

Security researchers at the Central Intelligence Agency CIA have worked for almost a decade to target security keys used to encrypt data stored on Apple devices in order to break the system. Citing the top-secret documents obtained from NSA whistleblower Edward Snowden, The Intercept blog reporte...

Apple Addresses FREAK and Releases Security Updates for OS X, iOS, and Apple TV

Apple has released security updates for OS X, iOS, and Apple TV to address multiple vulnerabilities, one of which may allow an attacker to decrypt secure communications between vulnerable clients and servers FREAK. Updates available include: Xcode 6.2 for OS X Mavericks v10.9.4 or later Security...

Apple Xcode < 6.2 beta 3 .git/config Command Execution (Mac OS X) (deprecated)

The remote Mac OS X host has a version of Apple Xcode prior to 6.2 beta 3. It is, therefore, affected by a remote command execution vulnerability when processing git trees in a case-insensitive or case-normalizing file system. A remote attacker, using a specially crafted git tree, can overwrite a...

APPLE-SA-2014-12-18-1 Xcode 6.2 beta 3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-12-18-1 Xcode 6.2 beta 3 Xcode 6.2 beta 3 is now available and addresses the following: Git Available for: OS X Mavericks v10.9.4 or later Impact: Synching with a malicious git repository may allow unexpected files to be added to the .gi...

Apple Xcode git client unauthorized files access

Invali processing of characters case in special files names...

UBUNTU-CVE-2014-9390

Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before...

CVE-2014-9390

Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before...

Apple Xcode < 6.0.1 (Mac OS X)

The remote Mac OS X host has a version of Apple Xcode prior to 6.0.1 installed. It is, therefore, affected by a denial of service vulnerability in the bundled Subversion component. The 'getresource' function in 'repos.c' in the 'moddavsvn' module allows remote attackers to cause a denial of servi...

xcode-select 13.4.0 Buffer Overflow

Exploit Title: xcode-select - buffer overflow Description: xcode-select controls the location of the developer directory used by xcrun1, xcodebuild1, cc1, and other Xcode and BSD development tools. Date: Tuesday 23 2014 Exploit Author: Juan Sacco Vendor Homepage: https://developer.apple.com...

CVE-2014-4406

Cross-site scripting XSS vulnerability in Xcode Server in CoreCollaboration in Apple OS X Server before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in Xcode Server in CoreCollaboration in Apple OS X Server before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-4406

Cross-site scripting XSS vulnerability in Xcode Server in CoreCollaboration in Apple OS X Server before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-4406

Apple OS X Server’s CoreCollaboration component (Xcode Server) is affected by CVE-2014-4406, a Cross-site Scripting (XSS) vulnerability in Xcode Server prior to 3.2.1. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The connected open-source/enter...