Apple tvOS vulnerabilities
2,227 known vulnerabilities affecting apple/tvos.
Total CVEs
2,227
CISA KEV
41
actively exploited
Public exploits
199
Exploited in wild
31
Severity breakdown
CRITICAL148HIGH1222MEDIUM795LOW59UNKNOWN3
Vulnerabilities
Page 103 of 112
CVE-2015-7096MEDIUMCVSS 6.8≤ 9.02015-12-11
CVE-2015-7096 [MEDIUM] CVE-2015-7096: WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015
nvdapple
CVE-2015-7001MEDIUMCVSS 6.8≤ 9.02015-12-11
CVE-2015-7001 [MEDIUM] CWE-264 CVE-2015-7001: AppSandbox in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 mis
AppSandbox in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 mishandles hard links, which allows attackers to bypass Contacts access revocation via a crafted app.
nvd
CVE-2015-7061MEDIUMCVSS 6.8≤ 9.02015-12-11
CVE-2015-7061 [MEDIUM] CVE-2015-7061: The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remot
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7060.
nvdapple
CVE-2015-7058MEDIUMCVSS 4.3≤ 9.02015-12-11
CVE-2015-7058 [MEDIUM] CWE-200 CVE-2015-7058: Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 improperly validate keychain item ACL
Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 improperly validate keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app.
nvdapple
CVE-2015-7039MEDIUMCVSS 6.8PoC≤ 9.02015-12-11
CVE-2015-7039 [MEDIUM] CVE-2015-7039: Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS b
Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7038.
nvdapple
CVE-2015-7099MEDIUMCVSS 6.8≤ 9.02015-12-11
CVE-2015-7099 [MEDIUM] CVE-2015-7099: WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7100, CVE-2015-7101, CVE-2015
nvdapple
CVE-2015-7097MEDIUMCVSS 6.8≤ 9.02015-12-11
CVE-2015-7097 [MEDIUM] CVE-2015-7097: WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015
nvdapple
CVE-2015-7095MEDIUMCVSS 6.8≤ 9.02015-12-11
CVE-2015-7095 [MEDIUM] CVE-2015-7095: WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015
nvdapple
CVE-2015-7038MEDIUMCVSS 6.8≤ 9.02015-12-11
CVE-2015-7038 [MEDIUM] CWE-119 CVE-2015-7038: Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS b
Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7039.
nvdapple
CVE-2015-7059MEDIUMCVSS 6.8≤ 9.02015-12-11
CVE-2015-7059 [MEDIUM] CWE-119 CVE-2015-7059: The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remot
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7060 and CVE-2015-7061.
nvdapple
CVE-2015-7102MEDIUMCVSS 6.8≤ 9.02015-12-11
CVE-2015-7102 [MEDIUM] CVE-2015-7102: WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015
nvdapple
CVE-2015-7101MEDIUMCVSS 6.8≤ 9.02015-12-11
CVE-2015-7101 [MEDIUM] CVE-2015-7101: WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015
nvdapple
CVE-2015-7073MEDIUMCVSS 6.8≤ 9.02015-12-11
CVE-2015-7073 [MEDIUM] CWE-119 CVE-2015-7073: Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allow remote atta
Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted SSL handshake.
nvdapple
CVE-2015-7045MEDIUMCVSS 5.0≤ 9.02015-12-11
CVE-2015-7045 [MEDIUM] CWE-17 CVE-2015-7045: Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 improperly interacts with Keychain
Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 improperly interacts with Keychain Agent, which allows attackers to spoof the Keychain Server via unspecified vectors.
nvd
CVE-2015-7054MEDIUMCVSS 6.8≤ 9.02015-12-11
CVE-2015-7054 [MEDIUM] CWE-19 CVE-2015-7054: zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and
zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows remote attackers to execute arbitrary code via a crafted web site.
nvdapple
CVE-2015-7098MEDIUMCVSS 6.8≤ 9.02015-12-11
CVE-2015-7098 [MEDIUM] CVE-2015-7098: WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015
nvdapple
CVE-2015-7041MEDIUMCVSS 4.3≤ 9.02015-12-11
CVE-2015-7041 [MEDIUM] CVE-2015-7041: The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 all
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7042, and CVE-2015-7043.
nvdapple
CVE-2015-7075MEDIUMCVSS 6.8≤ 9.02015-12-11
CVE-2015-7075 [MEDIUM] CWE-119 CVE-2015-7075: CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before
CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.
nvdapple
CVE-2015-7042MEDIUMCVSS 4.3≤ 9.02015-12-11
CVE-2015-7042 [MEDIUM] CVE-2015-7042: The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 all
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7043.
nvdapple
CVE-2015-7040MEDIUMCVSS 4.3≤ 9.02015-12-11
CVE-2015-7040 [MEDIUM] CVE-2015-7040: The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 all
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7041, CVE-2015-7042, and CVE-2015-7043.
nvdapple