Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
AppleXcode*

75 matches found

CVE
CVEadded 2025/03/31 11:15 p.m.51 views

CVE-2025-24226

The issue was addressed with improved checks. This issue is fixed in Xcode 16.3. A malicious app may be able to access private information.

5.5CVSS6AI score0.00011EPSS
CVE
CVEadded 2015/09/18 12:0 p.m.50 views

CVE-2015-5910

IDE Xcode Server in Apple Xcode before 7.0 does not ensure that server traffic is encrypted, which allows remote attackers to obtain sensitive information by sniffing the network.

3.3CVSS5.5AI score0.00144EPSS
CVE
CVEadded 2017/10/23 1:29 a.m.49 views

CVE-2017-7137

An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file.

7.8CVSS8.7AI score0.00502EPSS
CVE
CVEadded 2019/12/18 6:15 p.m.48 views

CVE-2019-8721

Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.

9.3CVSS8.8AI score0.00601EPSS
CVE
CVEadded 2015/12/11 11:59 a.m.46 views

CVE-2015-7049

otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7057.

4.6CVSS6.2AI score0.00068EPSS
CVE
CVEadded 2015/04/10 2:59 p.m.45 views

CVE-2015-1149

Integer overflow in the simulator in Swift in Apple Xcode before 6.3 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact by triggering an incorrect result of a type conversion.

7.5CVSS7.3AI score0.00396EPSS
CVE
CVEadded 2017/10/23 1:29 a.m.45 views

CVE-2017-7136

An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file.

7.8CVSS8.7AI score0.00502EPSS
CVE
CVEadded 2023/09/27 3:19 p.m.45 views

CVE-2023-40435

This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials.

5.5CVSS5AI score0.00116EPSS
CVE
CVEadded 2019/12/18 6:15 p.m.44 views

CVE-2019-8724

Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.

9.3CVSS8.8AI score0.00464EPSS
CVE
CVEadded 2023/09/06 2:15 a.m.44 views

CVE-2022-32920

The issue was addressed with improved checks. This issue is fixed in Xcode 14.0. Parsing a file may lead to disclosure of user information.

5.5CVSS4.7AI score0.00108EPSS
CVE
CVEadded 2024/09/17 12:15 a.m.44 views

CVE-2024-40862

A privacy issue was addressed by removing sensitive data. This issue is fixed in Xcode 16. An attacker may be able to determine the Apple ID of the owner of the computer.

7.5CVSS6.1AI score0.00169EPSS
CVE
CVEadded 2006/10/17 9:7 p.m.43 views

CVE-2006-5328

OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to create arbitrary files via a symlink attack on the simulation.sql file.

7.2CVSS6.4AI score0.00053EPSS
CVE
CVEadded 2015/10/23 10:59 a.m.43 views

CVE-2015-7030

The Swift implementation in Apple Xcode before 7.1 mishandles type conversion, which has unspecified impact and attack vectors.

7.5CVSS6.2AI score0.00396EPSS
CVE
CVEadded 2024/10/28 9:15 p.m.43 views

CVE-2024-44228

This issue was addressed with improved permissions checking. This issue is fixed in Xcode 16. An app may be able to inherit Xcode permissions and access user data.

7.5CVSS5.7AI score0.0013EPSS
CVE
CVEadded 2016/09/18 10:59 p.m.42 views

CVE-2016-4704

otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4705.

7.8CVSS7.4AI score0.00151EPSS
CVE
CVEadded 2018/04/03 6:29 a.m.42 views

CVE-2017-7167

An issue was discovered in certain Apple products. Xcode before 9.2 is affected. The issue involves the "ld64" component. A buffer overflow allows remote attackers to execute arbitrary code via crafted source code.

7.8CVSS7.5AI score0.01112EPSS
CVE
CVEadded 2016/09/18 10:59 p.m.41 views

CVE-2016-4705

otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4704.

7.8CVSS7.4AI score0.00151EPSS
CVE
CVEadded 2019/12/18 6:15 p.m.40 views

CVE-2019-8722

Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.

9.3CVSS8.8AI score0.00601EPSS
CVE
CVEadded 2019/12/18 6:15 p.m.40 views

CVE-2019-8723

Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.

9.3CVSS8.8AI score0.00464EPSS
CVE
CVEadded 2015/12/11 11:59 a.m.39 views

CVE-2015-7057

otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7049.

4.6CVSS6.2AI score0.00068EPSS
CVE
CVEadded 2019/12/18 6:15 p.m.39 views

CVE-2019-8739

A memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00418EPSS
CVE
CVEadded 2015/04/10 3:0 p.m.38 views

CVE-2015-3027

Clang in LLVM, as used in Apple Xcode before 6.3, performs incorrect register allocation in a way that triggers stack storage for stack cookie pointers, which might allow context-dependent attackers to bypass a stack-guard protection mechanism via crafted input to an affected C program.

5CVSS6.2AI score0.00314EPSS
CVE
CVEadded 2006/05/24 1:2 a.m.37 views

CVE-2006-1466

Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects plugin, allows remote attackers to access or modify WebObjects projects through a network service.

4CVSS6.7AI score0.00678EPSS
CVE
CVEadded 2019/12/18 6:15 p.m.37 views

CVE-2019-8738

A memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00418EPSS
CVE
CVEadded 2015/12/11 11:59 a.m.29 views

CVE-2015-7056

IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern.

5CVSS5.6AI score0.00307EPSS
Total number of security vulnerabilities75