VYPR

Xcode

by Apple Inc.

CVEs (81)

  • CVE-2014-3580Dec 18, 2014
    risk 0.01cvss epss 0.11

    The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

  • CVE-2014-3528Aug 19, 2014
    risk 0.01cvss epss 0.07

    Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.

  • CVE-2026-28890Mar 25, 2026
    risk 0.00cvss epss 0.00

    An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 26.4. An app may be able to cause unexpected system termination.

  • CVE-2026-28889Mar 25, 2026
    risk 0.00cvss epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 26.4. An app may be able to read arbitrary files as root.

  • CVE-2025-31186Jan 16, 2026
    risk 0.00cvss epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 16.3. An app may be able to bypass Privacy preferences.

  • CVE-2025-43504Nov 4, 2025
    risk 0.00cvss epss 0.00

    A buffer overflow was addressed with improved bounds checking. This issue is fixed in Xcode 26.1. A user in a privileged network position may be able to cause a denial-of-service.

  • CVE-2025-43505Nov 4, 2025
    risk 0.00cvss epss 0.00

    An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Xcode 26.1. Processing a maliciously crafted file may lead to heap corruption.

  • CVE-2025-43375Sep 15, 2025
    risk 0.00cvss epss 0.00

    The issue was addressed with improved checks. This issue is fixed in Xcode 26. Processing an overly large path value may crash a process.

  • CVE-2025-43263Sep 15, 2025
    risk 0.00cvss epss 0.00

    The issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to read and write files outside of its sandbox.

  • CVE-2025-43371Sep 15, 2025
    risk 0.00cvss epss 0.00

    This issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to break out of its sandbox.

  • CVE-2025-43370Sep 15, 2025
    risk 0.00cvss epss 0.00

    A path handling issue was addressed with improved validation. This issue is fixed in Xcode 26. Processing an overly large path value may crash a process.

  • CVE-2025-30441Mar 31, 2025
    risk 0.00cvss epss 0.00

    This issue was addressed through improved state management. This issue is fixed in Xcode 16.3. An app may be able to overwrite arbitrary files.

  • CVE-2025-24226Mar 31, 2025
    risk 0.00cvss epss 0.00

    The issue was addressed with improved checks. This issue is fixed in Xcode 16.3. A malicious app may be able to access private information.

  • CVE-2024-44228Oct 28, 2024
    risk 0.00cvss epss 0.00

    This issue was addressed with improved permissions checking. This issue is fixed in Xcode 16. An app may be able to inherit Xcode permissions and access user data.

  • CVE-2024-40862Sep 16, 2024
    risk 0.00cvss epss 0.00

    A privacy issue was addressed by removing sensitive data. This issue is fixed in Xcode 16. An attacker may be able to determine the Apple ID of the owner of the computer.

  • CVE-2024-44162Sep 16, 2024
    risk 0.00cvss epss 0.00

    This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 16. A malicious application may gain access to a user's Keychain items.

  • CVE-2023-40435Sep 26, 2023
    risk 0.00cvss epss 0.00

    This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials.

  • CVE-2023-40391Sep 26, 2023
    risk 0.00cvss epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, macOS Sonoma 14, Xcode 15. An app may be able to disclose kernel memory.

  • CVE-2023-32396Sep 26, 2023
    risk 0.00cvss epss 0.00

    This issue was addressed with improved checks. This issue is fixed in Xcode 15, tvOS 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to gain elevated privileges.

  • CVE-2022-32920Sep 6, 2023
    risk 0.00cvss epss 0.00

    The issue was addressed with improved checks. This issue is fixed in Xcode 14.0. Parsing a file may lead to disclosure of user information.

Page 2 of 5