Lucene search
K
AppleXcode

11 matches found

CVE
CVE
added 2016/02/15 7:0 p.m.1351 views

CVE-2016-0746

CVE-2016-0746 is a use-after-free in nginx’s resolver when processing DNS CNAME responses. The issue affects nginx versions before 1.8.1 and 1.9.x before 1.9.10; exploitation could crash worker processes or yield other unspecified impacts. Remediation per connected docs: upgrade to non‑vulnerable...

9.8CVSS9.5AI score0.08625EPSS
CVE
CVE
added 2007/09/23 11:0 p.m.646 views

CVE-2004-2687

CVE-2004-2687 concerns distcc (distccd) where, if the server port is not access-restricted, remote attackers can execute arbitrary commands via compilation jobs. The core issue is lack of authorization checks in the distccd daemon when handling distributed compilation requests. Affected scope app...

9.3CVSS9.7AI score0.80978EPSS
In wild
CVE
CVE
added 2019/03/21 8:13 p.m.613 views

CVE-2019-3855

CVE-2019-3855 is a libssh2 integer overflow in the transport read path that may cause an out-of-bounds write when processing server packets. The issue appears in libssh2 prior to 1.8.1 and could enable code exposure or other impact if a user connects to a malicious SSH server. Connected advisorie...

9.3CVSS8.7AI score0.09219EPSS
CVE
CVE
added 2019/07/29 11:42 a.m.317 views

CVE-2019-14379

CVE-2019-14379 affects FasterXML jackson-databind prior to 2.9.9.2, where default typing mishandling when ehcache is present (via net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup) leads to remote code execution. Affected component is jackson-databind’s data-binding implementatio...

9.8CVSS9.7AI score0.08045EPSS
CVE
CVE
added 2020/02/12 1:58 a.m.215 views

CVE-2014-9390

CVE-2014-9390 describes a remote command-execution risk in Git and several VCS clients when interacting with repositories on case-insensitive filesystems. A crafted .git/config in a tree can trigger arbitrary commands on the server/client, depending on the tool. Affected versions (per provided so...

9.8CVSS9.1AI score0.63178EPSS
Web
CVE
CVE
added 2020/10/16 4:56 p.m.127 views

CVE-2020-9992

CVE-2020-9992 affects Apple's IDE Device Support in Xcode 12.0 and iOS/iPadOS 14 (paired-device remote debugging). The vulnerability allows an attacker in a privileged network position to execute arbitrary code on a paired device during a debug session over the network. Apple addressed this by en...

9.3CVSS7.5AI score0.02986EPSS
CVE
CVE
added 2019/04/03 5:43 p.m.91 views

CVE-2018-4357

CVE-2018-4357 is an Apple Xcode/LLVM memory corruption vulnerability: the LLVM/ Xcode component prior to Xcode 10 contains a flaw that allows memory corruption due to insufficient input validation. The issue could enable code execution with kernel privileges, as described in the Xcode 10 security...

9.3CVSS7.2AI score0.00926EPSS
CVE
CVE
added 2019/12/18 5:33 p.m.67 views

CVE-2019-8721

CVE-2019-8721 affects the ld64 component of the Xcode toolchains. The underlying issue is a failure to properly validate input in ld64, which could allow arbitrary code execution with user privileges. The vulnerability is addressed by updating to ld64-507.4 as part of Xcode 11.0. Affected context...

9.3CVSS8.8AI score0.01792EPSS
CVE
CVE
added 2019/12/18 5:33 p.m.61 views

CVE-2019-8722

CVE-2019-8722 refers to an arbitrary code execution vulnerability in the ld64 component of Apple’s Xcode toolchains. The issue arises from insufficient input validation during compilation, enabling code execution with user privileges. Apple fixed this in Xcode 11.0 by updating ld64 to version 507...

9.3CVSS8.8AI score0.01792EPSS
CVE
CVE
added 2019/12/18 5:33 p.m.61 views

CVE-2019-8724

CVE-2019-8724 concerns ld64 in the Xcode toolchains. The vulnerability arises from input validation failures in ld64, allowing arbitrary code execution with user privileges. Affected product: Apple Xcode 11.0 toolchain (macOS Mojave 10.14.4 and later) where the issue is fixed by updating to ld64-...

9.3CVSS8.8AI score0.01881EPSS
CVE
CVE
added 2019/12/18 5:33 p.m.57 views

CVE-2019-8723

CVE-2019-8723 affects the ld64 component in Apple Xcode toolchains. The issue stems from insufficient input validation in ld64, enabling arbitrary code execution with user privileges when compiling code. The vulnerability is addressed by updating to Xcode 11.0, which includes ld64-507.4. Public d...

9.3CVSS8.8AI score0.01881EPSS