Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:32516
HistoryOct 05, 2015 - 12:00 a.m.

APPLE-SA-2015-09-16-2 Xcode 7.0

2015-10-0500:00:00
vulners.com
423
JSON

APPLE-SA-2015-09-16-2 Xcode 7.0

Xcode 7.0 is now available and addresses the following:

DevTools
Available for: OS X Yosemite v10.10.4 or later
Impact: An attacker may be able to bypass access restrictions
Description: An API issue existed in the apache configuration. This
issue was addressed by updating header files to use the latest
version.
CVE-ID
CVE-2015-3185 : Branko Aibej of the Apache Software Foundation

IDE Xcode Server
Available for: OS X Yosemite 10.10 or later
Impact: An attacker may be able to access restricted parts of the
filesystem
Description: A comparison issue existed in the node.js send module
prior to version 0.8.4. This issue was addressed by upgrading to
version 0.12.3.
CVE-ID
CVE-2014-6394 : Ilya Kantor

IDE Xcode Server
Available for: OS X Yosemite v10.10.4 or later
Impact: Multiple vulnerabilties in OpenSSL
Description: Multiple vulnerabilties existed in the node.js OpenSSL
module prior to version 1.0.1j. These issues were addressed by
updating openssl to version 1.0.1j.
CVE-ID
CVE-2014-3513
CVE-2014-3566
CVE-2014-3567
CVE-2014-3568

IDE Xcode Server
Available for: OS X Yosemite v10.10.4 or later
Impact: An attacker with a privileged network position may be able
to inspect traffic to Xcode Server
Description: Connections to Xcode Server may have been made without
encryption. This issue was addressed through improved network
connection logic.
CVE-ID
CVE-2015-5910 : an anonymous researcher

IDE Xcode Server
Available for: OS X Yosemite v10.10.4 or later
Impact: Build notifications may be sent to unintended recipients
Description: An access issue existed in the handling of repository
email lists. This issue was addressed through improved validation.
CVE-ID
CVE-2015-5909 : Daniel Tomlinson of Rocket Apps, David Gatwood of
Anchorfree

subversion
Available for: OS X Yosemite v10.10.4 or later
Impact: Multiple vulnerabilities existed in svn versions prior to
1.7.19
Description: Multiple vulnerabilities existed in svn versions prior
to 1.7.19. These issues were addressed by updating svn to version
1.7.20.
CVE-ID
CVE-2015-0248
CVE-2015-0251

Xcode 7.0 may be obtained from:
https://developer.apple.com/xcode/downloads/

To check that the Xcode has been updated:

  • Select Xcode in the menu bar
  • Select About Xcode
  • The version after applying this update will be "7.0".

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

Related

securityvulns 5
nessus 52
archlinux 1
ibm 45
openvas 26
kaspersky 2
debian 4
slackware 1
freebsd_advisory 1
freebsd 2
suse 7
osv 4
amazon 2
mageia 2
centos 3
aix 1
redhat 4
ubuntu 1
vmware 2
veracode 5
fedora 3
oraclelinux 2
f5 4
prion 5
cve 5
nodejs 1
github 1
ubuntucve 3
debiancve 2
checkpoint_advisories 1
openssl 2
securityvulns
securityvulns
Apple Xcode multiple security vulnerabilities
2015-10-25 00:00:00
[slackware-security] openssl (SSA:2014-288-01)
2014-10-17 00:00:00
OpenSSL multiple security vulnerabilities
2014-12-09 00:00:00
nessus
nessus
Apple Xcode < 7.0 (Mac OS X) (POODLE)
2015-10-02 00:00:00
Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : openssl (SSA:2014-288-01) (POODLE)
2014-10-16 00:00:00
OpenSSL 1.0.1 < 1.0.1j Multiple Vulnerabilities (POODLE)
2014-10-17 00:00:00
archlinux
archlinux
openssl: denial of service / man-in-the-middle / poodle mitigation
2014-10-16 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in SSLv3 affect IBM Flex System Manager (FSM) and compatible IBM Systems Director agents (CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568)
2019-01-31 02:10:01
Security Bulletin: Four (4) Vulnerabilities in OpenSSL affect IBM FlashSystem (and TMS RAMSAN) 710, 720, 810, and 820 systems ( CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, and CVE-2014-3568)
2023-02-28 01:12:10
Security Bulletin: Four (4) Vulnerabilities in OpenSSL affect IBM FlashSystem 840 and V840 systems ( CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, and CVE-2014-3568)
2023-02-18 01:45:50
openvas
openvas
Debian Security Advisory DSA 3053-1 (openssl - security update)
2014-10-16 00:00:00
SUSE: Security Advisory for OpenSSL (SUSE-SU-2014:1386-1)
2015-10-16 00:00:00
Debian Security Advisory DSA 3053-1 (openssl - security update)
2014-10-16 00:00:00
kaspersky
kaspersky
KLA10359 Vulnerability in Tableau
2014-07-18 00:00:00
KLA10452 Multiple vulnerabilities in VMware products
2015-01-27 00:00:00
debian
debian
[SECURITY] [DSA 3053-1] openssl security update
2014-10-16 15:48:24
[SECURITY] [DSA 3231-1] subversion security update
2015-04-21 17:34:36
[SECURITY] [DSA 3231-1] subversion security update
2015-04-21 17:34:36
slackware
slackware
[slackware-security] openssl
2014-10-15 17:58:22
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:23.openssl
2014-10-21 00:00:00
freebsd
freebsd
OpenSSL -- multiple vulnerabilities
2014-10-15 00:00:00
subversion -- DoS vulnerabilities
2015-03-31 00:00:00
suse
suse
Security update for openssl1 (important)
2014-11-04 23:04:45
update for openssl (important)
2014-10-29 16:05:00
Security update for OpenSSL (important)
2014-11-11 00:05:06
osv
osv
openssl - security update
2014-10-16 00:00:00
subversion - security update
2015-04-21 00:00:00
openssl - security update
2014-11-01 00:00:00
amazon
amazon
Important: openssl
2014-10-15 16:14:00
Medium: subversion, mod_dav_svn
2015-08-24 22:27:00
mageia
mageia
Updated openssl packages fix security vulnerabilities
2014-10-23 17:27:57
Updated subversion packages fix security vulnerabilities
2015-05-03 03:19:16
centos
centos
openssl security update
2014-10-16 16:22:42
mod_dav_svn, subversion security update
2015-08-17 15:33:54
mod_dav_svn, subversion security update
2015-09-08 21:07:49
aix
aix
AIX OpenSSL Denial of Service due to memory leak in DTLS / AIX OpenSSL Patch to mitigate CVE-2014-3566 / AIX OpenSSL Denial of Service due to memory consumption
2014-10-29 04:58:52
redhat
redhat
(RHSA-2014:1692) Important: openssl security update
2014-10-22 00:00:00
(RHSA-2014:1652) Important: openssl security update
2014-10-16 00:00:00
(RHSA-2015:1633) Moderate: subversion security update
2015-08-17 00:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2014-10-16 00:00:00
vmware
vmware
VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues
2015-01-27 00:00:00
VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues
2015-01-27 00:00:00
veracode
veracode
Spoofable Server
2019-05-02 05:17:54
Information Disclosure
2019-05-02 05:17:54
Denial Of Service (DoS) Through Memory Consumption
2019-01-15 09:02:31
fedora
fedora
[SECURITY] Fedora 21 Update: subversion-1.8.13-7.fc21
2015-07-29 01:54:00
[SECURITY] Fedora 20 Update: nodejs-send-0.3.0-4.fc20
2014-10-06 05:06:11
[SECURITY] Fedora 19 Update: nodejs-send-0.3.0-4.fc19
2014-10-06 05:00:37
oraclelinux
oraclelinux
subversion security update
2015-08-17 00:00:00
subversion security update
2015-09-08 00:00:00
f5
f5
K17453 : Subversion vulnerabilities CVE-2015-0248, CVE-2015-0251, and CVE-2015-3187
2015-10-16 00:00:00
SOL17453 - Subversion vulnerabilities CVE-2015-0248, CVE-2015-0251, and CVE-2015-3187
2015-10-16 00:00:00
K15722 : OpenSSL DTLS SRTP Memory Leak CVE-2014-3513
2015-09-16 00:00:00
prion
prion
Design/Logic Flaw
2015-09-18 12:00:00
Design/Logic Flaw
2014-10-08 17:55:00
Code injection
2015-09-18 12:00:00
cve
cve
CVE-2015-5909
2015-09-18 12:00:00
CVE-2014-6394
2014-10-08 17:55:00
CVE-2015-5910
2015-09-18 12:00:00
nodejs
nodejs
Directory Traversal
2015-10-17 19:41:46
github
github
Directory Traversal in send
2017-10-24 18:33:36
ubuntucve
ubuntucve
CVE-2014-6394
2014-10-08 00:00:00
CVE-2015-0251
2015-04-08 00:00:00
CVE-2014-3513
2014-10-15 00:00:00
debiancve
debiancve
CVE-2014-6394
2014-10-08 17:55:00
CVE-2015-0251
2015-04-08 18:59:00
checkpoint_advisories
checkpoint_advisories
OpenSSL DTLS SRTP Extension Parsing Denial of Service (CVE-2014-3513)
2015-02-01 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2014-3513
2014-10-15 00:00:00
Vulnerability in OpenSSL CVE-2014-3568
2014-10-15 00:00:00
JSON
Related for SECURITYVULNS:DOC:32516
securityvulns5nessus52archlinux1ibm45openvas26kaspersky2debian4slackware1freebsd_advisory1freebsd2suse7osv4amazon2mageia2centos3aix1redhat4ubuntu1vmware2veracode5fedora3oraclelinux2f54prion5cve5nodejs1github1ubuntucve3debiancve2checkpoint_advisories1openssl2