8 matches found
CVE-2018-16845
The CVE-2018-16845 issue affects nginx builds that include the ngx_http_mp4_module and the mp4 directive. Vulnerable are nginx versions earlier than 1.15.6 and 1.14.1 (when built with the module). The vulnerability arises from processing a specially crafted MP4 file, which could cause an infinite...
CVE-2021-21300
Summary: CVE-2021-21300 affects Git when cloning into case-insensitive file systems and using certain clean/smudge filters (e.g., Git LFS). A specially crafted repository containing symbolic links and files processed by these filters can cause an unchecked script to run during checkout. Affected ...
CVE-2022-39260
Git Shell command-argument parsing bug (CVE-2022-39260) in pre-2.30.6…2.37.4 allows an attacker with SSH access to a Git shell login to overflow an int-based count when building the argv array, enabling arbitrary heap writes and potential remote code execution via execv(). Affected setups require...
CVE-2025-48384
Git vulnerability CVE-2025-48384 arises from Git’s handling of trailing CR characters in config and submodule paths, which can cause a submodule to checkout to an incorrect location and potentially execute a post-checkout hook if a symlink points to the hooks directory. The issue affects Git and ...
CVE-2023-27967
The CVE-2023-27967 issue affects Apple's Xcode stack and was resolved in Xcode 14.3 through improved memory handling. The vulnerability could allow an app to execute arbitrary code outside its sandbox or with elevated privileges. Affected component: memory handling in Xcode before 14.3. Remediati...
CVE-2019-8840
CVE-2019-8840 affects Apple Xcode (ld64) where an out-of-bounds read was caused by insufficient bounds checking. Impact: compiling with untrusted sources may allow arbitrary code execution with user privileges. Affected/product: Xcode (ld64 component) on macOS. Root cause: out-of-bounds read due ...
CVE-2025-43371
The CVE describes an Improper Access Control in Xcode where insufficient sandbox checks could allow an app to break out of its sandbox. Reports converge on Xcode 26 fixes; remediation is to update to Xcode 26 or later. The vulnerability is characterized by local attack vector with required user i...
CVE-2025-43505
Apple Xcode 26.1 fixes CVE-2025-43505, an out-of-bounds write caused by insufficient input validation that could allow heap corruption when processing a maliciously crafted file. Affected product: Xcode (and LLDB noted in Apple advisory). Remediation: update to Xcode 26.1. Notes from connected so...