Vulnerabilities > Apple > Xcode
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-18 | CVE-2022-22606 | Out-of-bounds Read vulnerability in Apple Xcode An out-of-bounds read was addressed with improved bounds checking. | 7.8 |
| 2022-03-18 | CVE-2022-22607 | Out-of-bounds Read vulnerability in Apple Xcode An out-of-bounds read was addressed with improved bounds checking. | 7.8 |
| 2022-03-18 | CVE-2022-22608 | Out-of-bounds Read vulnerability in Apple Xcode An out-of-bounds read was addressed with improved bounds checking. | 7.8 |
| 2021-12-10 | CVE-2021-44228 | Deserialization of Untrusted Data vulnerability in multiple products Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. network low complexity apache siemens intel debian fedoraproject sonicwall netapp cisco snowsoftware bentley percussion apple CWE-502 critical | 10.0 |
| 2021-04-02 | CVE-2021-1800 | Unspecified vulnerability in Apple Xcode A path handling issue was addressed with improved validation. | 5.5 |
| 2021-03-09 | CVE-2021-21300 | Link Following vulnerability in multiple products Git is an open-source distributed revision control system. | 7.5 |
| 2020-10-27 | CVE-2019-8840 | Out-of-bounds Read vulnerability in Apple Xcode An out-of-bounds read was addressed with improved bounds checking. | 8.8 |
| 2020-10-16 | CVE-2020-9992 | Unspecified vulnerability in Apple Iphone OS This issue was addressed by encrypting communications over the network to devices running iOS 14, iPadOS 14, tvOS 14, and watchOS 7. | 7.8 |
| 2020-02-12 | CVE-2014-9390 | Improper Input Validation vulnerability in multiple products Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before 08-12-2014; and JGit all versions before 08-12-2014 allow remote Git servers to execute arbitrary commands via a tree containing a crafted .git/config file with (1) an ignorable Unicode codepoint, (2) a git~1/config representation, or (3) mixed case that is improperly handled on a case-insensitive filesystem. | 9.8 |
| 2020-01-09 | CVE-2019-20372 | HTTP Request Smuggling vulnerability in multiple products NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer. | 5.3 |