Lucene search
K
AppleXcode

10 matches found

CVE
CVE
added 2015/07/20 11:0 p.m.1588 views

CVE-2015-3185

CVE-2015-3185 affects Apache HTTP Server (httpd) 2.4.x up to before 2.4.14. The ap_some_auth_required() function in server/request.c could incorrectly treat a request as authenticated, allowing modules using this API to bypass intended access controls. The issue’s fix/backport is described as imp...

4.3CVSS6.6AI score0.18795EPSS
CVE
CVE
added 2015/04/08 6:0 p.m.132 views

CVE-2015-0251

CVE-2015-0251 affects Subversion’s mod_dav_svn server. The vulnerability arises from improper handling of the svn:author property in crafted v1 HTTP protocol request sequences, allowing remote authenticated users to spoof author information. Affected products/versions include Subversion 1.5.0–1.7...

4CVSS7.7AI score0.07558EPSS
CVE
CVE
added 2015/08/12 2:0 p.m.115 views

CVE-2015-3187

CVE-2015-3187 affects Apache Subversion: the svn_repos_trace_node_locations function in Subversion before 1.7.21 and in 1.8.x before 1.8.14 can disclose sensitive path information. When path-based authorization is used, remote authenticated users could read the history of a node that has been mov...

4CVSS7.3AI score0.06464EPSS
CVE
CVE
added 2014/08/19 6:0 p.m.102 views

CVE-2014-3528

CVE-2014-3528 affects Apache Subversion: cached credentials are protected by an MD5 hash of the URL and authentication realm. Subversion 1.0.0–1.7.x (before 1.7.17) and 1.8.x (before 1.8.10) store credentials in this manner, which may allow a remote server to obtain credentials via a crafted auth...

4CVSS8.6AI score0.07495EPSS
CVE
CVE
added 2014/08/19 6:0 p.m.93 views

CVE-2014-3522

The CVE-2014-3522 vulnerability affects Subversion’s Serf RA layer, where wildcards in X.509 CN/subjectAltName are not properly validated, enabling MITM certificate spoofing. Affected: Subversion Serf-based TLS for versions 1.4.0–1.7.x before 1.7.18 and 1.8.x before 1.8.10. Impact: potential disc...

4CVSS8.3AI score0.05581EPSS
CVE
CVE
added 2015/12/11 11:0 a.m.74 views

CVE-2015-7049

CVE-2015-7049 affects Apple Xcode before 7.2, via the otools component’s handling of Mach-O files. The underlying issue allows local users to gain privileges or cause a denial of service (memory corruption). This is a separate vulnerability from CVE-2015-7057, which also targets otools Mach-O pro...

4.6CVSS6.2AI score0.00303EPSS
CVE
CVE
added 2015/12/11 11:0 a.m.62 views

CVE-2015-7057

Apple Xcode before 7.2 is affected by CVE-2015-7057 due to otools handling Mach-O files, enabling local privilege escalation or denial of service via a crafted Mach-O file. The vulnerability is tied to memory corruption in otools when processing Mach-O inputs. Affected product is Xcode (Mac OS X)...

4.6CVSS6.2AI score0.00303EPSS
CVE
CVE
added 2006/05/24 1:0 a.m.54 views

CVE-2006-1466

The CVE-2006-1466 entry concerns Xcode Tools prior to 2.3 on Mac OS X 10.4. The vulnerability is triggered when the WebObjects plugin runs, allowing remote attackers to access or modify WebObjects projects via a network service. The available sources identify the affected software and the impact ...

4CVSS6.7AI score0.02081EPSS
CVE
CVE
added 2025/09/15 10:34 p.m.27 views

CVE-2025-43370

CVE-2025-43370 affects Apple Xcode 26, where a path handling issue can crash a process when processing an oversized path. The root cause is improved validation of path input in Xcode 26 development tooling, with confirmed fix in the Xcode 26 release. Public sources across Red Hat, CNVD, NVD, and ...

4CVSS6AI score0.00321EPSS
CVE
CVE
added 2025/11/04 1:17 a.m.19 views

CVE-2025-43504

CVE-2025-43504 is tied to an out-of-bounds/write/ buffer overflow in Apple's Xcode 26.1 (specifically the LLDB component per Apple’s security content) that can be triggered by a crafted input from a user in a privileged network position, potentially causing a denial-of-service. The CNVD/CNNVD ent...

4.9CVSS6.3AI score0.00341EPSS