Apple tvOS vulnerabilities

2,227 known vulnerabilities affecting apple/tvos.

Total CVEs

2,227

CISA KEV

actively exploited

Public exploits

199

Exploited in wild

Severity breakdown

CRITICAL148HIGH1222MEDIUM795LOW59UNKNOWN3

Vulnerabilities

Page 73 of 112

CVE-2019-6233HIGHCVSS 8.8fixed in 12.1.2≥ unspecified, < tvOS 12.1.22019-03-05

CVE-2019-6233 [HIGH] CWE-787 CVE-2019-6233: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

nvdapple

CVE-2019-6230HIGHCVSS 8.6fixed in 12.1.2≥ unspecified, < tvOS 12.1.22019-03-05

CVE-2019-6230 [HIGH] CWE-665 CVE-2019-6230: A memory initialization issue was addressed with improved memory handling. This issue is fixed in iO A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3,macOS Mojave 10.14.3,tvOS 12.1.2,watchOS 5.1.3. A malicious application may be able to break out of its sandbox.

nvdapple

CVE-2019-6210HIGHCVSS 7.8≥ unspecified, < tvOS 12.1.22019-03-05

CVE-2019-6210 [HIGH] CWE-787 CVE-2019-6210: A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 1 A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to execute arbitrary code with kernel privileges.

nvdapple

CVE-2019-6213HIGHCVSS 7.8PoC≥ unspecified, < tvOS 12.1.22019-03-05

CVE-2019-6213 [HIGH] CWE-119 CVE-2019-6213: A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, ma A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. An application may be able to execute arbitrary code with kernel privileges.

nvdapple

CVE-2019-6227HIGHCVSS 8.8fixed in 12.1.2≥ unspecified, < tvOS 12.1.22019-03-05

CVE-2019-6227 [HIGH] CWE-787 CVE-2019-6227: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

nvdapple

CVE-2019-6225HIGHCVSS 7.8PoCfixed in 12.1.2≥ unspecified, < tvOS 12.1.22019-03-05

CVE-2019-6225 [HIGH] CWE-787 CVE-2019-6225: A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate privileges.

nvdapple

CVE-2019-6214HIGHCVSS 8.6PoC≥ unspecified, < tvOS 12.1.22019-03-05

CVE-2019-6214 [HIGH] CWE-843 CVE-2019-6214: A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1. A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to break out of its sandbox.

nvdapple

CVE-2019-6212HIGHCVSS 8.8fixed in 12.1.2≥ unspecified, < tvOS 12.1.22019-03-05

CVE-2019-6212 [HIGH] CWE-787 CVE-2019-6212: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

nvdapple

CVE-2019-6217HIGHCVSS 8.8fixed in 12.1.2≥ unspecified, < tvOS 12.1.22019-03-05

CVE-2019-6217 [HIGH] CWE-787 CVE-2019-6217: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

nvdapple

CVE-2019-6218HIGHCVSS 7.8PoCfixed in 12.1.2≥ unspecified, < tvOS 12.1.22019-03-05

CVE-2019-6218 [HIGH] CWE-787 CVE-2019-6218: A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 1 A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to execute arbitrary code with kernel privileges.

nvdapple

CVE-2019-6216HIGHCVSS 8.8fixed in 12.1.2≥ unspecified, < tvOS 12.1.22019-03-05

CVE-2019-6216 [HIGH] CWE-787 CVE-2019-6216: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

nvdapple

CVE-2019-6205HIGHCVSS 7.8PoCfixed in 12.1.2≥ unspecified, < tvOS 12.1.22019-03-05

CVE-2019-6205 [HIGH] CWE-787 CVE-2019-6205: A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iO A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes.

nvdapple

CVE-2019-6208MEDIUMCVSS 5.5PoC≥ unspecified, < tvOS 12.1.22019-03-05

CVE-2019-6208 [MEDIUM] CWE-665 CVE-2019-6208: A memory initialization issue was addressed with improved memory handling. This issue is fixed in iO A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes.

nvdapple

CVE-2019-6229MEDIUMCVSS 6.1fixed in 12.1.2≥ unspecified, < tvOS 12.1.22019-03-05

CVE-2019-6229 [MEDIUM] CWE-79 CVE-2019-6229: A logic issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, tvOS 12.1.2 A logic issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to universal cross site scripting.

nvdapple

CVE-2019-6231MEDIUMCVSS 5.5fixed in 12.1.2≥ unspecified, < tvOS 12.1.22019-03-05

CVE-2019-6231 [MEDIUM] CWE-125 CVE-2019-6231: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3 An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to read restricted memory.

nvdapple

CVE-2019-6209MEDIUMCVSS 5.5PoC≥ unspecified, < tvOS 12.1.22019-03-05

CVE-2019-6209 [MEDIUM] CWE-125 CVE-2019-6209: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory layout.

nvdapple

CVE-2019-6235CRITICALCVSS 10.0≥ unspecified, < tvOS 12.1.22019-03-04

CVE-2019-6235 [CRITICAL] CWE-787 CVE-2019-6235: A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions.

nvdapple

CVE-2019-8906MEDIUMCVSS 4.4fixed in 12.22019-02-18

CVE-2019-8906 [MEDIUM] CWE-125 CVE-2019-8906: do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is mis do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.

nvdapple

CVE-2018-20505HIGHCVSS 7.5v12.1.22019-01-22

CVE-2018-20505 [HIGH] CVE-2018-20505: tvOS 12.1.2 Apple Security Update: About the security content of tvOS 12.1.2 Product: tvOS Version: 12.1.2 CVE: CVE-2018-20505 Component: SQLite Impact: A maliciously crafted SQL query may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved input validation.

apple

CVE-2018-20346HIGHCVSS 8.1v12.1.22019-01-22

CVE-2018-20346 [HIGH] CVE-2018-20346: tvOS 12.1.2 Apple Security Update: About the security content of tvOS 12.1.2 Product: tvOS Version: 12.1.2 CVE: CVE-2018-20346 Component: SQLite Impact: A maliciously crafted SQL query may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved input validation.

apple

← Previous73 / 112Next →