Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Apple Subscribe
Filtered by product Tvos
Total 1495 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-7046 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-08 2.6 LOW N/A
The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with root privileges.
CVE-2015-7045 1 Apple 2 Mac Os X, Tvos 2019-03-08 5.0 MEDIUM N/A
Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 improperly interacts with Keychain Agent, which allows attackers to spoof the Keychain Server via unspecified vectors.
CVE-2015-7043 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-08 4.3 MEDIUM N/A
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7042.
CVE-2015-7042 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-08 4.3 MEDIUM N/A
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7043.
CVE-2015-7041 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-08 4.3 MEDIUM N/A
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7042, and CVE-2015-7043.
CVE-2015-7040 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-08 4.3 MEDIUM N/A
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7041, CVE-2015-7042, and CVE-2015-7043.
CVE-2015-7039 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-08 6.8 MEDIUM N/A
Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7038.
CVE-2015-7038 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-08 6.8 MEDIUM N/A
Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7039.
CVE-2015-7001 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-08 6.8 MEDIUM N/A
AppSandbox in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 mishandles hard links, which allows attackers to bypass Contacts access revocation via a crafted app.
CVE-2015-7075 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-08 6.8 MEDIUM N/A
CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.
CVE-2015-5312 6 Apple, Canonical, Debian and 3 more 13 Iphone Os, Mac Os X, Tvos and 10 more 2019-03-08 7.1 HIGH N/A
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
CVE-2015-3807 1 Apple 3 Iphone Os, Mac Os X, Tvos 2019-03-08 4.3 MEDIUM N/A
libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document.
CVE-2015-1124 1 Apple 4 Iphone Os, Itunes, Safari and 1 more 2019-03-08 6.8 MEDIUM N/A
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4.
CVE-2015-1123 1 Apple 2 Iphone Os, Tvos 2019-03-08 6.8 MEDIUM N/A
WebKit, as used in Apple iOS before 8.3 and Apple TV before 7.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-3 and APPLE-SA-2015-04-08-4.
CVE-2015-1122 1 Apple 4 Iphone Os, Itunes, Safari and 1 more 2019-03-08 6.8 MEDIUM N/A
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4.
CVE-2015-1120 1 Apple 4 Iphone Os, Itunes, Safari and 1 more 2019-03-08 6.8 MEDIUM N/A
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4.
CVE-2015-1119 1 Apple 4 Iphone Os, Itunes, Safari and 1 more 2019-03-08 6.8 MEDIUM N/A
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4.
CVE-2015-1118 1 Apple 3 Iphone Os, Mac Os X, Tvos 2019-03-08 5.0 MEDIUM N/A
libnetcore in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (memory corruption and application crash) via a crafted configuration profile.
CVE-2015-1117 1 Apple 3 Iphone Os, Mac Os X, Tvos 2019-03-08 6.9 MEDIUM N/A
The (1) setreuid and (2) setregid system-call implementations in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 do not properly perform privilege drops, which makes it easier for attackers to execute code with unintended user or group privileges via a crafted app.
CVE-2015-1114 1 Apple 2 Iphone Os, Tvos 2019-03-08 1.9 LOW N/A
The Sandbox Profiles component in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to discover hardware identifiers via a crafted app.