Vulnerabilities > Apple > Xcode > 12.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-09 | CVE-2021-21300 | Link Following vulnerability in multiple products Git is an open-source distributed revision control system. | 7.5 |
| 2020-01-09 | CVE-2019-20372 | HTTP Request Smuggling vulnerability in multiple products NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer. | 4.3 |
| 2019-07-29 | CVE-2019-14379 | SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution. | 9.8 |
| 2018-11-07 | CVE-2018-16845 | Resource Exhaustion vulnerability in multiple products nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. | 5.8 |
| 2018-11-07 | CVE-2018-16844 | Resource Exhaustion vulnerability in multiple products nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. | 7.8 |
| 2018-11-07 | CVE-2018-16843 | Resource Exhaustion vulnerability in multiple products nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. | 7.8 |
| 2017-07-13 | CVE-2017-7529 | Integer Overflow or Wraparound vulnerability in multiple products Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. | 5.0 |
| 2016-02-15 | CVE-2016-0747 | Resource Exhaustion vulnerability in multiple products The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution. | 5.0 |
| 2016-02-15 | CVE-2016-0746 | Use After Free vulnerability in multiple products Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing. | 7.5 |
| 2016-02-15 | CVE-2016-0742 | NULL Pointer Dereference vulnerability in multiple products The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response. | 5.0 |