Apple tvOS vulnerabilities
2,227 known vulnerabilities affecting apple/tvos.
Total CVEs
2,227
CISA KEV
41
actively exploited
Public exploits
199
Exploited in wild
31
Severity breakdown
CRITICAL148HIGH1222MEDIUM795LOW59UNKNOWN3
Vulnerabilities
Page 41 of 112
CVE-2021-30705MEDIUMCVSS 5.5fixed in 14.62021-09-08
CVE-2021-30705 [MEDIUM] CVE-2021-30705: This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, Security Update 202
This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted ASTC file may disclose memory contents.
nvdapple
CVE-2021-1860MEDIUMCVSS 6.5fixed in 14.5≥ unspecified, < 14.52021-09-08
CVE-2021-1860 [MEDIUM] CWE-665 CVE-2021-1860: A memory initialization issue was addressed with improved memory handling. This issue is fixed in Se
A memory initialization issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to disclose kernel memory.
nvd
CVE-2021-1822MEDIUMCVSS 5.5fixed in 14.5≥ unspecified, < 14.52021-09-08
CVE-2021-1822 [MEDIUM] CVE-2021-1822: A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.5 and iPadOS 1
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A local user may be able to modify protected parts of the file system.
nvd
CVE-2021-30720MEDIUMCVSS 5.4fixed in 14.62021-09-08
CVE-2021-30720 [MEDIUM] CWE-287 CVE-2021-30720: A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 a
A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers.
nvdapple
CVE-2021-1836MEDIUMCVSS 5.5fixed in 14.5≥ unspecified, < 14.52021-09-08
CVE-2021-1836 [MEDIUM] CWE-269 CVE-2021-1836: A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.5 and iPadOS 1
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.5 and iPadOS 14.5, tvOS 14.5. A local user may be able to create or modify privileged files.
nvd
CVE-2021-1815MEDIUMCVSS 5.5fixed in 14.5≥ unspecified, < 14.52021-09-08
CVE-2021-1815 [MEDIUM] CWE-22 CVE-2021-1815: A parsing issue in the handling of directory paths was addressed with improved path validation. This
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A local user may be able to modify protected parts of the file system.
nvd
CVE-2021-1740MEDIUMCVSS 5.5fixed in 14.5≥ unspecified, < 14.52021-09-08
CVE-2021-1740 [MEDIUM] CWE-22 CVE-2021-1740: A parsing issue in the handling of directory paths was addressed with improved path validation. This
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A local user may be able to modify protected parts of the file system.
nvd
CVE-2021-1739MEDIUMCVSS 5.5fixed in 14.5≥ unspecified, < 14.52021-09-08
CVE-2021-1739 [MEDIUM] CWE-22 CVE-2021-1739: A parsing issue in the handling of directory paths was addressed with improved path validation. This
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A local user may be able to modify protected parts of the file system.
nvd
CVE-2021-30753MEDIUMCVSS 5.5fixed in 14.62021-09-08
CVE-2021-30753 [MEDIUM] CWE-125 CVE-2021-30753: Processing a maliciously crafted font may result in the disclosure of process memory. This issue is
Processing a maliciously crafted font may result in the disclosure of process memory. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. An out-of-bounds read was addressed with improved input validation.
nvdapple
CVE-2021-30733MEDIUMCVSS 5.5fixed in 14.62021-09-08
CVE-2021-30733 [MEDIUM] CWE-125 CVE-2021-30733: An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.6
An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted font may result in the disclosure of process memory.
nvdapple
CVE-2021-30697MEDIUMCVSS 5.5fixed in 14.62021-09-08
CVE-2021-30697 [MEDIUM] CVE-2021-30697: A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Securi
A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A local user may be able to leak sensitive user information.
nvdapple
CVE-2021-30686MEDIUMCVSS 5.5fixed in 14.62021-09-08
CVE-2021-30686 [MEDIUM] CWE-125 CVE-2021-30686: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6,
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted audio file may disclose restricted memory.
nvdapple
CVE-2021-1811MEDIUMCVSS 6.5fixed in 14.5≥ unspecified, < 14.52021-09-08
CVE-2021-1811 [MEDIUM] CVE-2021-1811: A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.11.3 fo
A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted font may result in the disclosure of process memory.
nvd
CVE-2021-30706MEDIUMCVSS 5.5fixed in 14.62021-09-08
CVE-2021-30706 [MEDIUM] CWE-125 CVE-2021-30706: Processing a maliciously crafted image may lead to disclosure of user information. This issue is fix
Processing a maliciously crafted image may lead to disclosure of user information. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. This issue was addressed with improved checks.
nvdapple
CVE-2021-30769MEDIUMCVSS 5.5fixed in 14.7≥ unspecified, < 14.72021-09-08
CVE-2021-30769 [MEDIUM] CWE-287 CVE-2021-30769: A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, tvOS 14
A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
nvd
CVE-2021-1820MEDIUMCVSS 6.5fixed in 14.5≥ unspecified, < 14.52021-09-08
CVE-2021-1820 [MEDIUM] CWE-665 CVE-2021-1820: A memory initialization issue was addressed with improved memory handling. This issue is fixed in ma
A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory.
nvd
CVE-2021-1884MEDIUMCVSS 5.9fixed in 14.5≥ unspecified, < 14.52021-09-08
CVE-2021-1884 [MEDIUM] CWE-362 CVE-2021-1884: A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-00
A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. A remote attacker may be able to cause a denial of service.
nvd
CVE-2021-30942HIGHCVSS 7.8fixed in 15.22021-08-24
CVE-2021-30942 [HIGH] CWE-787 CVE-2021-30942: Description: A memory corruption issue in the processing of ICC profiles was addressed with improved
Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing a maliciously crafted image may lead to arbitrary code execution.
nvdapple
CVE-2021-30924HIGHCVSS 7.5fixed in 15.12021-08-24
CVE-2021-30924 [HIGH] CVE-2021-30924: A denial of service issue was addressed with improved state handling. This issue is fixed in macOS M
A denial of service issue was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1. A remote attacker can cause a device to unexpectedly restart.
nvdapple
CVE-2021-30909HIGHCVSS 7.8fixed in 15.12021-08-24
CVE-2021-30909 [HIGH] CWE-787 CVE-2021-30909: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. An application may be able to execute arbitrary code with kernel privileges.
nvdapple