Filtered by vendor Apple
Subscriptions
Filtered by product Xcode
Subscriptions
Total
84 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-4164 | 1 Apple | 1 Xcode | 2024-11-21 | N/A |
An issue was discovered in certain Apple products. Xcode before 9.3 is affected. The issue, which is unspecified, involves the "LLVM" component. | ||||
CVE-2018-16845 | 6 Apple, Canonical, Debian and 3 more | 6 Xcode, Ubuntu Linux, Debian Linux and 3 more | 2024-11-21 | 6.1 Medium |
nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module. | ||||
CVE-2018-16844 | 5 Apple, Canonical, Debian and 2 more | 5 Xcode, Ubuntu Linux, Debian Linux and 2 more | 2024-11-21 | 7.5 High |
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file. | ||||
CVE-2018-16843 | 6 Apple, Canonical, Debian and 3 more | 6 Xcode, Ubuntu Linux, Debian Linux and 3 more | 2024-11-21 | 7.5 High |
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file. | ||||
CVE-2017-7529 | 4 Apple, F5, Puppet and 1 more | 4 Xcode, Nginx, Puppet Enterprise and 1 more | 2024-11-21 | 7.5 High |
Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. | ||||
CVE-2017-7167 | 1 Apple | 1 Xcode | 2024-11-21 | N/A |
An issue was discovered in certain Apple products. Xcode before 9.2 is affected. The issue involves the "ld64" component. A buffer overflow allows remote attackers to execute arbitrary code via crafted source code. | ||||
CVE-2017-7137 | 1 Apple | 1 Xcode | 2024-11-21 | N/A |
An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file. | ||||
CVE-2017-7136 | 1 Apple | 1 Xcode | 2024-11-21 | N/A |
An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file. | ||||
CVE-2017-7135 | 1 Apple | 1 Xcode | 2024-11-21 | N/A |
An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file. | ||||
CVE-2017-7134 | 1 Apple | 1 Xcode | 2024-11-21 | N/A |
An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file. | ||||
CVE-2016-4705 | 1 Apple | 1 Xcode | 2024-11-21 | N/A |
otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4704. | ||||
CVE-2016-4704 | 1 Apple | 1 Xcode | 2024-11-21 | N/A |
otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4705. | ||||
CVE-2016-1765 | 1 Apple | 1 Xcode | 2024-11-21 | N/A |
otool in Apple Xcode before 7.3 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors. | ||||
CVE-2016-0747 | 6 Apple, Canonical, Debian and 3 more | 6 Xcode, Ubuntu Linux, Debian Linux and 3 more | 2024-11-21 | 5.3 Medium |
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution. | ||||
CVE-2016-0746 | 6 Apple, Canonical, Debian and 3 more | 6 Xcode, Ubuntu Linux, Debian Linux and 3 more | 2024-11-21 | 9.8 Critical |
Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing. | ||||
CVE-2016-0742 | 6 Apple, Canonical, Debian and 3 more | 7 Xcode, Ubuntu Linux, Debian Linux and 4 more | 2024-11-21 | 7.5 High |
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response. | ||||
CVE-2015-7082 | 2 Apple, Git Project | 2 Xcode, Git | 2024-11-21 | N/A |
Multiple unspecified vulnerabilities in Git before 2.5.4, as used in Apple Xcode before 7.2, have unknown impact and attack vectors. NOTE: this CVE is associated only with Xcode use cases. | ||||
CVE-2015-7057 | 1 Apple | 1 Xcode | 2024-11-21 | N/A |
otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7049. | ||||
CVE-2015-7056 | 1 Apple | 1 Xcode | 2024-11-21 | N/A |
IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern. | ||||
CVE-2015-7049 | 1 Apple | 1 Xcode | 2024-11-21 | N/A |
otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7057. |