Page 12 of 79 results (0.019 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern. IDE SCM en Apple Xcode en versiones anteriores a 7.2 no reconoce los archivos .gitignore, lo que permite a atacantes remotos obtener información sensible en circunstancias oportunistas aprovechando la presencia de un archivo que coincide con un patrón a ignorar. • http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.html http://www.securitytracker.com/id/1034340 https://support.apple.com/HT205642 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7049. otools en Apple Xcode en versiones anteriores a 7.2 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (corrupción de memoria) a través de una archivo mach-o manipulado, una vulnerabilidad diferente a CVE-2015-7049. • http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.html http://www.securitytracker.com/id/1034340 https://support.apple.com/HT205642 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

The Swift implementation in Apple Xcode before 7.1 mishandles type conversion, which has unspecified impact and attack vectors. La implementación de Swift en Apple Xcode en versiones anteriores a 7.1 no maneja correctamente la conversión de tipo, lo que tiene un impacto y vectores no especificados. • http://lists.apple.com/archives/security-announce/2015/Oct/msg00008.html http://www.securitytracker.com/id/1033930 https://support.apple.com/HT205379 • CWE-17: DEPRECATED: Code •

CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0

IDE Xcode Server in Apple Xcode before 7.0 does not ensure that server traffic is encrypted, which allows remote attackers to obtain sensitive information by sniffing the network. Vulnerabilidad en IDE Xcode Server en Apple Xcode en versiones anteriores a 7.0, no asegura que el tráfico del servidor esté cifrado, lo que permite a atacantes remotos obtener información sensible husmeando la red. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html http://www.securitytracker.com/id/1033596 https://support.apple.com/HT205217 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

IDE Xcode Server in Apple Xcode before 7.0 does not properly restrict access to repository e-mail lists, which allows remote attackers to obtain potentially sensitive build information in opportunistic circumstances by leveraging incorrect notification delivery. Vulnerabilidad en IDE Xcode Server en Apple Xcode en versiones anteriores a 7.0, no restringe adecuadamente el acceso al repositorio de las listas de correo electrónico, lo que permite a atacantes remotos obtener información potencialmente sensible de revisión en circunstancias oportunistas aprovechando la entrega de notificaciones incorrectas. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html http://www.securitytracker.com/id/1033596 https://support.apple.com/HT205217 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •