Lucene search
K
AppleXcode

21 matches found

CVE
CVE
added 2020/01/09 8:5 p.m.4488 views

CVE-2019-20372

NGINX (on Amazon Linux 2) is affected by CVE-2019-20372 when configured with certain error_page settings, enabling HTTP request smuggling. The Amazon Linux 2 ALAS advisory ALAS2NGINX1-2023-004 confirms vulnerable 1.17.x/older configurations and provides patched packages: nginx 1.18.0 and related ...

5.3CVSS5.2AI score0.14961EPSS
CVE
CVE
added 2012/07/26 7:0 p.m.1295 views

CVE-2012-3698

Apple Xcode before 4.4 is affected by CVE-2012-3698 due to a design issue in composing a designated requirement (DR) during signing of programs without bundle identifiers. This allows remote attackers to read keychain entries via a crafted app, demonstrated with keychain data from a helper tool o...

5CVSS6.2AI score0.01104EPSS
CVE
CVE
added 2022/10/19 12:0 a.m.806 views

CVE-2022-39253

Summary (facts grounded to provided docs): CVE-2022-39253 affects Git versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, exposing sensitive data via local clones where source and target are on the same volume. The vulnerability arises when cloning a repository l...

5.5CVSS6.5AI score0.01336EPSS
Web
CVE
CVE
added 2016/02/15 7:0 p.m.262 views

CVE-2016-0747

The CVE-2016-0747 entry affects nginx rescanner behavior: the resolver in nginx (versions prior to 1.8.1 and 1.9.x prior to 1.9.10) does not properly limit CNAME resolution, allowing remote attackers to cause denial of service via excessive name-resolution work. Public details across multiple sou...

5.3CVSS6.8AI score0.08433EPSS
CVE
CVE
added 2024/03/15 10:29 p.m.258 views

CVE-2024-23298

CVE-2024-23298 affects Apple Xcode (prior to version 15.3). The issue is described as a logic problem in state management that enables Gatekeeper bypass. Multiple connected sources corroborate a local/remote-leaning impact tied to Gatekeeper checks being bypassed, with Apple noting the fix in Xco...

5.5CVSS5.8AI score0.00525EPSS
CVE
CVE
added 2015/08/12 2:0 p.m.226 views

CVE-2015-3184

CVE-2015-3184 affects Subversion’s mod_authz_svn when used with Apache httpd 2.4.x. The issue is an improper restriction of anonymous access in Subversion 1.7.x (before 1.7.21) and 1.8.x (before 1.8.14), which allows remote anonymous users to read hidden files via the path name. Affected product:...

5CVSS7.6AI score0.10607EPSS
CVE
CVE
added 2015/04/08 6:0 p.m.139 views

CVE-2015-0248

CVE-2015-0248 affects Subversion (mod_dav_svn and svnserve) versions 1.6.0–1.7.19 and 1.8.0–1.8.11. The issue is an assertion failure DoS triggered by crafted requests with dynamically evaluated revision numbers, potentially crashing the server. Multiple connected advisories confirm this vulnerab...

5CVSS7.9AI score0.12841EPSS
CVE
CVE
added 2021/04/02 6:4 p.m.119 views

CVE-2021-1800

CVE-2021-1800 is tied to Apple Xcode 12.4. The vulnerability is a path handling issue in on-demand resources that could allow a malicious app to access arbitrary host files when using Xcode. Apple fixed this by improving path validation in Xcode 12.4. The cited sources (Apple advisory HT212153 an...

5.5CVSS4.6AI score0.00642EPSS
CVE
CVE
added 2023/09/26 8:14 p.m.106 views

CVE-2023-40391

CVE-2023-40391 affects Apple platforms with a memory handling issue that may allow an app to disclose kernel memory. Publicly documented fixes apply to tvOS 17, iOS 17, iPadOS 17, and macOS Sonoma 14 (and Xcode 15). No exploitation status is stated in the provided sources. The vulnerability is ad...

5.5CVSS4.9AI score0.00309EPSS
CVE
CVE
added 2024/09/16 11:23 p.m.105 views

CVE-2024-44191

CVE-2024-44191 affects Apple platforms and is tied to improper state management that could allow an app to gain unauthorized Bluetooth access. Connected sources confirm the issue is resolved in multiple Apple OS updates: iOS 17.7 and iPadOS 17.7, macOS Sequoia 15, iOS 18 and iPadOS 18, visionOS 2...

5.5CVSS5.9AI score0.00252EPSS
CVE
CVE
added 2014/12/18 3:0 p.m.102 views

CVE-2014-3580

CVE-2014-3580 affects the mod_dav_svn component of Apache Subversion (1.x) prior to 1.7.19 and 1.8.x prior to 1.8.11. A remote attacker can trigger a NULL pointer dereference via a REPORT request for a non-existent resource , causing a denial of service and server crash. Connected sources documen...

5CVSS8.7AI score0.1067EPSS
CVE
CVE
added 2014/12/18 3:0 p.m.92 views

CVE-2014-8108

The CVE-2014-8108 issue affects the Apache Subversion mod_dav_svn module. According to connected docs, Subversion 1.7.x is vulnerable before 1.7.19 and 1.8.x is vulnerable before 1.8.11, where a remote attacker can trigger a NULL pointer dereference by requesting a URI that causes a lookup for a ...

5CVSS8.7AI score0.09692EPSS
CVE
CVE
added 2025/03/31 10:23 p.m.82 views

CVE-2025-30441

CVE-2025-30441 affects Apple Xcode and is tied to an out-of-bounds write that could allow an app to overwrite arbitrary files. The issue is described as being addressed through improved state management and fixed in Xcode 16.3. Connected sources corroborate the vulnerability in the Xcode IDE and ...

5.5CVSS6.5AI score0.00221EPSS
CVE
CVE
added 2025/03/31 10:23 p.m.73 views

CVE-2025-24226

The CVE-2025-24226 entry concerns Apple Xcode 16.3 where a malicious app may access private information due to insufficient checks. Public records consistently state that the issue is fixed in Xcode 16.3 through improved checks. Affected component is Xcode (IDE assets, as described by Apple’s adv...

5.5CVSS6AI score0.00248EPSS
CVE
CVE
added 2008/07/14 6:0 p.m.72 views

CVE-2008-2318

The CVE-2008-2318 issue affects Apple’s Xcode WebObjects: the WOHyperlink API in WebObjects before Xcode 3.1 appends local session IDs to generated non-local URLs, enabling potential information disclosure by remote attackers reading those requests. Impact is information leakage without exploitat...

5CVSS5.4AI score0.0146EPSS
CVE
CVE
added 2015/09/18 10:0 a.m.66 views

CVE-2015-5909

CVE-2015-5909 affects the IDE Xcode Server component of Apple Xcode prior to 7.0. The root cause is insufficient access restriction on repository email lists, allowing a remote, unauthenticated attacker to obtain potentially sensitive build information via incorrect notification delivery. Impact ...

5CVSS5.6AI score0.01921EPSS
CVE
CVE
added 2023/09/06 1:36 a.m.61 views

CVE-2022-32920

Apple Xcode is affected by CVE-2022-32920. The issue arises from parsing a file, which could disclose user information. Affected product: Xcode (prior to 14.0). Underlying cause: insufficient checks during file parsing. Impact (as stated): potential disclosure of user information. Remediation: fi...

5.5CVSS4.7AI score0.00181EPSS
CVE
CVE
added 2023/09/26 8:14 p.m.57 views

CVE-2023-40435

CVE-2023-40435 affects Apple’s Xcode toolchain, specifically the iTMSTransporter workflow. The issue allowed an app to access App Store credentials; the root cause (per security advisories) was mitigated by enabling the hardened runtime, with the fix present in Xcode 15. The reported CVSS metrics...

5.5CVSS5AI score0.00236EPSS
CVE
CVE
added 2015/04/10 2:0 p.m.54 views

CVE-2015-3027

CVE-2015-3027 concerns Clang in LLVM as used in Apple Xcode prior to 6.3, where incorrect register allocation triggers stack storage for stack-cookie pointers. This behavior can allow context-dependent attackers to bypass the stack-guard protection mechanism in an affected C program. The provided...

5CVSS6.2AI score0.01299EPSS
CVE
CVE
added 2015/12/11 11:0 a.m.46 views

CVE-2015-7056

Apple Xcode prior to 7.2 is affected by CVE-2015-7056 due to a failure of the IDE SCM to honor .gitignore directives. This allows remote attackers to disclose sensitive information by exploiting the presence of a file that matches an ignore pattern. The issue is corroborated by multiple sources i...

5CVSS5.6AI score0.01285EPSS
CVE
CVE
added 2026/03/25 12:32 a.m.19 views

CVE-2026-28890

CVE-2026-28890 describes an out-of-bounds read in Xcode that was addressed by improved bounds checking. Connected sources confirm the affected product is Xcode and indicate the fix is included in Xcode 26.4, with the impact stated as an app may terminate unexpectedly. The vulnerability details ac...

5.5CVSS5.8AI score0.00103EPSS