Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Apple Subscribe
Filtered by product Tvos
Total 1495 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-13849 1 Apple 3 Iphone Os, Tvos, Watchos 2019-03-08 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in certain Apple products. iOS before 11.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (application crash) via a crafted text file.
CVE-2017-13804 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-08 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "StreamingZip" component. It allows remote attackers to write to unintended pathnames via a crafted ZIP archive.
CVE-2017-13799 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-08 9.3 HIGH 7.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2017-13797 1 Apple 5 Icloud, Iphone Os, Itunes and 2 more 2019-03-08 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-11122 2 Apple, Broadcom 4 Iphone Os, Tvos, Bcm4355c0 and 1 more 2019-03-08 5.0 MEDIUM 7.5 HIGH
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading.
CVE-2016-7584 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-08 6.8 MEDIUM 7.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "AppleMobileFileIntegrity" component, which allows remote attackers to spoof signed code by using a matching team ID.
CVE-2016-1831 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-08 9.3 HIGH 7.8 HIGH
The kernel in Apple iOS before 9.3.2 and OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1818 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-08 9.3 HIGH 7.8 HIGH
IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1817 and CVE-2016-1819.
CVE-2016-1719 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-08 7.2 HIGH 7.8 HIGH
The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2016-0802 2 Apple, Google 5 Iphone Os, Mac Os X, Tvos and 2 more 2019-03-08 8.3 HIGH 8.8 HIGH
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25306181.
CVE-2016-0801 2 Apple, Google 5 Iphone Os, Mac Os X, Tvos and 2 more 2019-03-08 8.3 HIGH 9.8 CRITICAL
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029.
CVE-2015-8659 2 Apple, Nghttp2 5 Iphone Os, Mac Os X, Tvos and 2 more 2019-03-08 10.0 HIGH 10.0 CRITICAL
The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.
CVE-2015-8242 5 Apple, Canonical, Hp and 2 more 12 Iphone Os, Mac Os X, Tvos and 9 more 2019-03-08 5.8 MEDIUM N/A
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
CVE-2015-8035 4 Apple, Canonical, Debian and 1 more 7 Iphone Os, Mac Os X, Tvos and 4 more 2019-03-08 2.6 LOW N/A
The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.
CVE-2015-7995 2 Apple, Xmlsoft 5 Iphone Os, Mac Os X, Tvos and 2 more 2019-03-08 5.0 MEDIUM N/A
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.
CVE-2015-7942 5 Apple, Canonical, Debian and 2 more 9 Iphone Os, Mac Os X, Tvos and 6 more 2019-03-08 6.8 MEDIUM N/A
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.
CVE-2015-7116 1 Apple 3 Iphone Os, Mac Os X, Tvos 2019-03-08 4.3 MEDIUM 4.3 MEDIUM
libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7115.
CVE-2015-7115 1 Apple 3 Iphone Os, Mac Os X, Tvos 2019-03-08 4.3 MEDIUM 4.3 MEDIUM
libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7116.
CVE-2015-7112 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-08 9.3 HIGH N/A
The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7111.
CVE-2015-7111 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-08 9.3 HIGH N/A
The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7112.