VYPR

tvOS

by Apple Inc.

CVEs (1,844)

  • CVE-2017-2365MedFeb 20, 2017
    risk 0.46cvss 6.5epss 0.07

    An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive…

  • CVE-2017-2363MedFeb 20, 2017
    risk 0.46cvss 6.5epss 0.07

    An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin…

  • CVE-2016-4660HigFeb 20, 2017
    risk 0.46cvss 7.1epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "FontParser" component. It allows remote attackers to obtain sensitive…

  • CVE-2016-4776HigSep 25, 2016
    risk 0.46cvss 7.1epss 0.01

    The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and…

  • CVE-2016-4774HigSep 25, 2016
    risk 0.46cvss 7.1epss 0.01

    The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and…

  • CVE-2016-4773HigSep 25, 2016
    risk 0.46cvss 7.1epss 0.01

    The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4774 and…

  • CVE-2016-1762HigMar 24, 2016
    risk 0.46cvss 8.1epss 0.06

    The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.

  • CVE-2023-27933MedMay 8, 2023
    risk 0.44cvss 6.7epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. An app with root privileges may be able to execute arbitrary code with kernel privileges.

  • CVE-2022-32926MedNov 1, 2022
    risk 0.44cvss 6.7epss 0.00

    The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16. An app with root privileges may be able to execute arbitrary code with kernel privileges.

  • CVE-2022-32832MedSep 23, 2022
    risk 0.44cvss 6.7epss 0.01

    The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with…

  • CVE-2016-1840HigMay 20, 2016
    risk 0.44cvss 7.8epss 0.03

    Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory…

  • CVE-2016-1834HigMay 20, 2016
    risk 0.44cvss 7.8epss 0.05

    Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption)…

  • CVE-2024-54502MedDec 12, 2024
    risk 0.43cvss 6.5epss 0.14

    The issue was addressed with improved checks. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash.

  • CVE-2022-32816MedSep 23, 2022
    risk 0.43cvss 6.5epss 0.06

    The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI spoofing.

  • CVE-2019-8690MedDec 18, 2019
    risk 0.43cvss 6.1epss 0.05

    A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6.…

  • CVE-2019-8649MedDec 18, 2019
    risk 0.43cvss 6.1epss 0.05

    A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6.…

  • CVE-2017-7089MedOct 23, 2017
    risk 0.43cvss 6.1epss 0.06

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web…

  • CVE-2017-2504MedMay 22, 2017
    risk 0.43cvss 6.1epss 0.03

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web…

  • CVE-2017-2445MedApr 2, 2017
    risk 0.43cvss 6.1epss 0.04

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted frame objects.

  • CVE-2016-4708MedSep 25, 2016
    risk 0.43cvss 6.5epss 0.04

    CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses the Set-Cookie header, which allows remote attackers to obtain sensitive information via a crafted HTTP response.

Page 54 of 93