VYPR

tvOS

by Apple Inc.

CVEs (1,838)

  • CVE-2016-1819HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.05

    Use-after-free vulnerability in the IOAccelContext2::clientMemoryForType method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory…

  • CVE-2016-1813HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.05

    The IOAccelSharedUserClient2::page_off_resource method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a…

  • CVE-2016-1803HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.05

    CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

  • CVE-2016-1755HigMar 24, 2016
    risk 0.54cvss 7.8epss 0.05

    The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1754.

  • CVE-2016-1721HigFeb 1, 2016
    risk 0.54cvss 7.8epss 0.01

    The kernel in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

  • CVE-2016-1720HigFeb 1, 2016
    risk 0.54cvss 7.8epss 0.01

    IOKit in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

  • CVE-2016-1719HigFeb 1, 2016
    risk 0.54cvss 7.8epss 0.01

    The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

  • CVE-2015-7068HigDec 11, 2015
    risk 0.54cvss 7.8epss 0.04

    IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type.

  • CVE-2025-43480HigNov 4, 2025
    risk 0.53cvss 8.1epss 0.00

    The issue was addressed with improved checks. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious website may exfiltrate data cross-origin.

  • CVE-2025-43323HigNov 4, 2025
    risk 0.53cvss 8.1epss 0.00

    This issue was addressed with additional entitlement checks. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to fingerprint the user.

  • CVE-2025-31234HigMay 12, 2025
    risk 0.53cvss 8.2epss 0.00

    The issue was addressed with improved input sanitization. This issue is fixed in iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5. An attacker may be able to cause unexpected system termination or corrupt kernel memory.

  • CVE-2024-54468HigJan 27, 2025
    risk 0.53cvss 8.2epss 0.00

    The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. An app may be able to break out of its sandbox.

  • CVE-2024-27815HigJun 10, 2024
    risk 0.53cvss 7.8epss 0.02

    An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to execute arbitrary code with kernel privileges.

  • CVE-2018-4192HigJun 8, 2018
    risk 0.53cvss 7.5epss 0.12

    An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue…

  • CVE-2016-4725HigSep 25, 2016
    risk 0.53cvss 8.1epss 0.01

    IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted web site.

  • CVE-2014-4422HigSep 18, 2014
    risk 0.53cvss 8.1epss 0.02

    The kernel in Apple iOS before 8 and Apple TV before 7 uses a predictable random number generator during the early portion of the boot process, which allows attackers to bypass certain kernel-hardening protection mechanisms by using a user-space process to observe data related…

  • CVE-2025-31223HigMay 12, 2025
    risk 0.52cvss 8.0epss 0.01

    The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption.

  • CVE-2025-24223HigMay 12, 2025
    risk 0.52cvss 8.0epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption.

  • CVE-2025-24137HigJan 27, 2025
    risk 0.52cvss 8.0epss 0.01

    A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3. An attacker on the local network may corrupt process memory.

  • CVE-2026-20611HigFeb 11, 2026
    risk 0.51cvss 7.8epss 0.00

    An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing a maliciously…

Page 14 of 92