Apple tvOS vulnerabilities

2,227 known vulnerabilities affecting apple/tvos.

Total CVEs

2,227

CISA KEV

actively exploited

Public exploits

199

Exploited in wild

Severity breakdown

CRITICAL148HIGH1222MEDIUM795LOW59UNKNOWN3

Vulnerabilities

Page 102 of 112

CVE-2015-7112CRITICALCVSS 9.3PoC≤ 9.02015-12-11

CVE-2015-7112 [CRITICAL] CVE-2015-7112: The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS befor The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7111.

nvdapple

CVE-2015-7072CRITICALCVSS 9.3≤ 9.02015-12-11

CVE-2015-7072 [CRITICAL] CWE-20 CVE-2015-7072: dyld in Apple iOS before 9.2, tvOS before 9.1, and watchOS before 2.1 mishandles segment validation, dyld in Apple iOS before 9.2, tvOS before 9.1, and watchOS before 2.1 mishandles segment validation, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

nvdapple

CVE-2015-7111CRITICALCVSS 9.3≤ 9.02015-12-11

CVE-2015-7111 [CRITICAL] CWE-119 CVE-2015-7111: The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS befor The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7112.

nvdapple

CVE-2015-7079CRITICALCVSS 9.3≤ 9.02015-12-11

CVE-2015-7079 [CRITICAL] CWE-20 CVE-2015-7079: dyld in Apple iOS before 9.2 and tvOS before 9.1 mishandles segment validation, which allows attacke dyld in Apple iOS before 9.2 and tvOS before 9.1 mishandles segment validation, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

nvdapple

CVE-2015-7051CRITICALCVSS 9.3≤ 9.02015-12-11

CVE-2015-7051 [CRITICAL] CWE-264 CVE-2015-7051: MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 mishandles the timing of trust-cach MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 mishandles the timing of trust-cache loading, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

nvdapple

CVE-2015-7068HIGHCVSS 7.8PoCfixed in 9.12015-12-11

CVE-2015-7068 [HIGH] CWE-476 CVE-2015-7068: IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 all IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type.

nvdapple

CVE-2015-7047HIGHCVSS 7.2PoC≤ 9.02015-12-11

CVE-2015-7047 [HIGH] CWE-20 CVE-2015-7047: The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 all The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.

nvdapple

CVE-2015-7083HIGHCVSS 7.2PoC≤ 9.02015-12-11

CVE-2015-7083 [HIGH] CWE-119 CVE-2015-7083: The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 all The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084.

nvdapple

CVE-2015-7084HIGHCVSS 7.2PoC≤ 9.02015-12-11

CVE-2015-7084 [HIGH] CVE-2015-7084: The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 all The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083.

nvdapple

CVE-2015-7065MEDIUMCVSS 6.8≤ 9.02015-12-11

CVE-2015-7065 [MEDIUM] CWE-119 CVE-2015-7065: OpenGL in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to OpenGL in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

nvdapple

CVE-2015-7104MEDIUMCVSS 6.8≤ 9.02015-12-11

CVE-2015-7104 [MEDIUM] CWE-119 CVE-2015-7104: WebKit in Apple Safari before 9.0.2 and tvOS before 9.1 allows remote attackers to execute arbitrary WebKit in Apple Safari before 9.0.2 and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

nvdapple

CVE-2015-7074MEDIUMCVSS 6.8≤ 9.02015-12-11

CVE-2015-7074 [MEDIUM] CWE-119 CVE-2015-7074: CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote a CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.

nvdapple

CVE-2015-7064MEDIUMCVSS 6.8≤ 9.02015-12-11

CVE-2015-7064 [MEDIUM] CWE-119 CVE-2015-7064: OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-7066.

nvdapple

CVE-2015-7048MEDIUMCVSS 6.8≤ 9.02015-12-11

CVE-2015-7048 [MEDIUM] CWE-119 CVE-2015-7048: WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101,

nvdapple

CVE-2015-7103MEDIUMCVSS 6.8≤ 9.02015-12-11

CVE-2015-7103 [MEDIUM] CVE-2015-7103: WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015

nvdapple

CVE-2015-7053MEDIUMCVSS 6.8≤ 9.02015-12-11

CVE-2015-7053 [MEDIUM] CWE-119 CVE-2015-7053: ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image.

nvdapple

CVE-2015-7043MEDIUMCVSS 4.3≤ 9.02015-12-11

CVE-2015-7043 [MEDIUM] CVE-2015-7043: The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 all The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7042.

nvdapple

CVE-2015-7060MEDIUMCVSS 6.8≤ 9.02015-12-11

CVE-2015-7060 [MEDIUM] CVE-2015-7060: The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remot The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7061.

nvdapple

CVE-2015-7066MEDIUMCVSS 6.8≤ 9.02015-12-11

CVE-2015-7066 [MEDIUM] CVE-2015-7066: OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-7064.

nvdapple

CVE-2015-7105MEDIUMCVSS 6.8≤ 9.02015-12-11

CVE-2015-7105 [MEDIUM] CWE-119 CVE-2015-7105: CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 a CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.

nvdapple

← Previous102 / 112Next →