Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Xcode
(Apple)| Repositories |
• https://github.com/apache/httpd
• https://github.com/visionmedia/send |
| #Vulnerabilities | 81 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-05-08 | CVE-2023-27967 | The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. | Xcode | 8.6 | ||
| 2023-09-06 | CVE-2022-32920 | The issue was addressed with improved checks. This issue is fixed in Xcode 14.0. Parsing a file may lead to disclosure of user information. | Xcode | 5.5 | ||
| 2023-09-27 | CVE-2023-32396 | This issue was addressed with improved checks. This issue is fixed in Xcode 15, tvOS 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to gain elevated privileges. | Ipados, Iphone_os, Macos, Tvos, Watchos, Xcode | 7.8 | ||
| 2023-09-27 | CVE-2023-40391 | The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, macOS Sonoma 14, Xcode 15. An app may be able to disclose kernel memory. | Ipados, Iphone_os, Macos, Tvos, Xcode | 5.5 | ||
| 2023-09-27 | CVE-2023-40435 | This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials. | Xcode | 5.5 | ||
| 2024-10-28 | CVE-2024-44228 | This issue was addressed with improved permissions checking. This issue is fixed in Xcode 16. An app may be able to inherit Xcode permissions and access user data. | Xcode | 7.5 | ||
| 2024-09-17 | CVE-2024-44162 | This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 16. A malicious application may gain access to a user's Keychain items. | Xcode | 7.8 | ||
| 2006-10-17 | CVE-2006-5328 | OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to create arbitrary files via a symlink attack on the simulation.sql file. | Xcode, Openbase | N/A | ||
| 2006-10-17 | CVE-2006-5327 | Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, which is executed by gnutar with certain TAR_OPTIONS environment variable settings, when gnutar is invoked by OpenBase. | Xcode, Openbase | N/A | ||
| 2015-07-20 | CVE-2015-3185 | The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging the presence of a module that relies on the 2.2 API behavior. | Http_server, Mac_os_x, Mac_os_x_server, Xcode, Ubuntu_linux | N/A |