Apple tvOS vulnerabilities
2,227 known vulnerabilities affecting apple/tvos.
Total CVEs
2,227
CISA KEV
41
actively exploited
Public exploits
199
Exploited in wild
31
Severity breakdown
CRITICAL148HIGH1222MEDIUM795LOW59UNKNOWN3
Vulnerabilities
Page 74 of 112
CVE-2018-4185HIGHCVSS 7.5fixed in 11.32019-01-11
CVE-2018-4185 [HIGH] CWE-200 CVE-2018-4185: In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an i
In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling.
nvdapple
CVE-2018-4209HIGHCVSS 8.8fixed in 11.32019-01-11
CVE-2018-4209 [HIGH] CWE-20 CVE-2018-4209: In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS bef
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
nvdapple
CVE-2018-4213HIGHCVSS 8.8fixed in 11.32019-01-11
CVE-2018-4213 [HIGH] CWE-20 CVE-2018-4213: In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS bef
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
nvdapple
CVE-2018-4210HIGHCVSS 8.8fixed in 11.32019-01-11
CVE-2018-4210 [HIGH] CWE-129 CVE-2018-4210: In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 f
In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks.
nvdapple
CVE-2018-4212HIGHCVSS 8.8fixed in 11.32019-01-11
CVE-2018-4212 [HIGH] CVE-2018-4212: In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS bef
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
nvdapple
CVE-2018-4207HIGHCVSS 8.8fixed in 11.32019-01-11
CVE-2018-4207 [HIGH] CWE-20 CVE-2018-4207: In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS bef
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
nvdapple
CVE-2018-4208HIGHCVSS 8.8fixed in 11.32019-01-11
CVE-2018-4208 [HIGH] CWE-20 CVE-2018-4208: In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS bef
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
nvdapple
CVE-2018-4262HIGHCVSS 8.8fixed in 11.4.12019-01-11
CVE-2018-4262 [HIGH] CWE-119 CVE-2018-4262: In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iClo
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling.
nvdapple
CVE-2018-4277HIGHCVSS 7.5fixed in 11.4.12019-01-11
CVE-2018-4277 [HIGH] CWE-20 CVE-2018-4277: In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sie
In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.
nvdapple
CVE-2018-4278MEDIUMCVSS 4.3fixed in 11.4.12019-01-11
CVE-2018-4278 [MEDIUM] CVE-2018-4278: In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iClo
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.
nvdapple
CVE-2016-1777HIGHCVSS 7.5v122018-09-17
CVE-2016-1777 [HIGH] CVE-2016-1777: tvOS 12
Apple Security Update: About the security content of tvOS 12
Product: tvOS
Version: 12
CVE: CVE-2016-1777
Component: Security
Impact: An attacker may be able to exploit weaknesses in the RC4 cryptographic algorithm
Description: This issue was addressed by removing RC4.
apple
CVE-2018-5383MEDIUMCVSS 6.8v122018-09-17
CVE-2018-5383 [MEDIUM] CVE-2018-5383: tvOS 12
Apple Security Update: About the security content of tvOS 12
Product: tvOS
Version: 12
CVE: CVE-2018-5383
Component: Bluetooth
Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic
Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.
apple
CVE-2018-4233HIGHCVSS 8.8PoCfixed in 11.42018-06-08
CVE-2018-4233 [HIGH] CWE-119 CVE-2018-4233: An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary
nvdapple
CVE-2018-4222HIGHCVSS 8.8PoCfixed in 11.42018-06-08
CVE-2018-4222 [HIGH] CWE-125 CVE-2018-4222: An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary
nvdapple
CVE-2018-4192HIGHCVSS 7.5PoCfixed in 11.42018-06-08
CVE-2018-4192 [HIGH] CWE-362 CVE-2018-4192: An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary
nvdapple
CVE-2018-4246HIGHCVSS 8.8fixed in 11.42018-06-08
CVE-2018-4246 [HIGH] CWE-704 CVE-2018-4246: An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary
nvdapple
CVE-2018-4214HIGHCVSS 8.8fixed in 11.42018-06-08
CVE-2018-4214 [HIGH] CWE-119 CVE-2018-4214: An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to cause a denial of
nvdapple
CVE-2018-4200HIGHCVSS 8.8PoCfixed in 11.42018-06-08
CVE-2018-4200 [HIGH] CWE-416 CVE-2018-4200: An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari before 11.1
An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service
nvdapple
CVE-2018-4201HIGHCVSS 8.8fixed in 11.42018-06-08
CVE-2018-4201 [HIGH] CWE-119 CVE-2018-4201: An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary
nvdapple
CVE-2018-4204HIGHCVSS 8.8fixed in 11.42018-06-08
CVE-2018-4204 [HIGH] CWE-119 CVE-2018-4204: An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is
An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code
nvdapple