Apple tvOS vulnerabilities

CVE-2024-40806 [MEDIUM] CWE-125 CVE-2024-40806: An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing a maliciously crafted file may lead to unexpected app termination.

CVE-2024-27863 [MEDIUM] CVE-2024-27863: An information disclosure issue was addressed with improved private data redaction for log entries. An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. A local attacker may be able to determine kernel memory layout.

CVE-2024-40785 [MEDIUM] CWE-79 CVE-2024-40785: This issue was addressed with improved checks. This issue is fixed in Safari 17.6, iOS 16.7.9 and iP This issue was addressed with improved checks. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to a cross site scripting attack.

CVE-2024-40777 [MEDIUM] CWE-787 CVE-2024-40777: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iO An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing a maliciously crafted file may lead to unexpected app termination.

CVE-2023-6277 [MEDIUM] CVE-2023-6277: tvOS 17.6 Apple Security Update: About the security content of tvOS 17.6 Product: tvOS Version: 17.6 CVE: CVE-2023-6277 Component: CVE-2023-6277

CVE-2024-40795 [LOW] CVE-2024-40795: This issue was addressed with improved data protection. This issue is fixed in iOS 17.6 and iPadOS 1 This issue was addressed with improved data protection. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to read sensitive location information.

CVE-2023-42949 [LOW] CVE-2023-42949: This issue was addressed with improved data protection. This issue is fixed in iOS 17 and iPadOS 17, This issue was addressed with improved data protection. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17. An app may be able to access edited photos saved to a temporary directory.

CVE-2024-27817 [HIGH] CWE-353 CVE-2024-27817: The issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, i The issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2. An app may be able to execute arbitrary code with kernel privileges.

CVE-2024-27857 [HIGH] CWE-119 CVE-2024-27857: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iO An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2. A remote attacker may be able to cause unexpected app termination or arbitrary code execution.

CVE-2024-27802 [HIGH] CWE-125 CVE-2024-27802: An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.7. An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.

CVE-2024-27851 [HIGH] CWE-119 CVE-2024-27851: The issue was addressed with improved bounds checks. This issue is fixed in Safari 17.5, iOS 17.5 an The issue was addressed with improved bounds checks. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2024-27808 [HIGH] CWE-786 CVE-2024-27808: The issue was addressed with improved memory handling. This issue is fixed in Safari 17.5, iOS 17.5 The issue was addressed with improved memory handling. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing web content may lead to arbitrary code execution.

CVE-2024-27820 [HIGH] CWE-119 CVE-2024-27820: The issue was addressed with improved memory handling. This issue is fixed in Safari 17.5, iOS 16.7. The issue was addressed with improved memory handling. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing web content may lead to arbitrary code execution.

CVE-2024-27833 [HIGH] CWE-190 CVE-2024-27833: An integer overflow was addressed with improved input validation. This issue is fixed in Safari 17.5 An integer overflow was addressed with improved input validation. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, tvOS 17.5, visionOS 1.2. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2024-27831 [HIGH] CWE-787 CVE-2024-27831: An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iO An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2. Processing a file may lead to unexpected app termination or arbitrary code execution.

CVE-2024-27828 [HIGH] CWE-786 CVE-2024-27828: The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17 The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to execute arbitrary code with kernel privileges.

CVE-2024-27815 [HIGH] CWE-787 CVE-2024-27815: An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iO An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to execute arbitrary code with kernel privileges.

CVE-2024-27801 [HIGH] CVE-2024-27801: The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to elevate privileges.

CVE-2024-27832 [HIGH] CWE-703 CVE-2024-27832: The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to elevate privileges.

CVE-2024-27811 [HIGH] CWE-269 CVE-2024-27811: The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to elevate privileges.