Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Xcode
(Apple)| Repositories |
• https://github.com/apache/httpd
• https://github.com/visionmedia/send |
| #Vulnerabilities | 83 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-07-13 | CVE-2017-7529 | Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. | Xcode, Nginx, Puppet_enterprise | 7.5 | ||
| 2016-02-15 | CVE-2016-0746 | Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing. | Xcode, Ubuntu_linux, Debian_linux, Nginx, Leap | 9.8 | ||
| 2016-02-15 | CVE-2016-0747 | The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution. | Xcode, Ubuntu_linux, Debian_linux, Nginx, Leap | 5.3 | ||
| 2016-02-15 | CVE-2016-0742 | The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response. | Xcode, Ubuntu_linux, Debian_linux, Nginx, Leap, Software_collections | 7.5 | ||
| 2019-12-18 | CVE-2019-8738 | A memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution. | Xcode | 7.8 | ||
| 2019-12-18 | CVE-2019-8739 | A memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution. | Xcode | 7.8 | ||
| 2019-12-18 | CVE-2019-8800 | A memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution. | Xcode | 7.8 | ||
| 2019-12-18 | CVE-2019-8806 | A memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution. | Xcode | 7.8 | ||
| 2020-02-12 | CVE-2014-9390 | Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before 08-12-2014; and JGit all versions before 08-12-2014 allow remote Git servers to execute arbitrary commands via a tree containing a crafted .git/config file with (1) an ignorable Unicode codepoint, (2)... | Xcode, Egit, Jgit, Git, Libgit2, Mercurial | 9.8 | ||
| 2020-10-27 | CVE-2019-8840 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 11.3. Compiling with untrusted sources may lead to arbitrary code execution with user privileges. | Xcode | 8.8 |