Apple tvOS vulnerabilities

2,227 known vulnerabilities affecting apple/tvos.

Total CVEs

2,227

CISA KEV

actively exploited

Public exploits

199

Exploited in wild

Severity breakdown

CRITICAL148HIGH1222MEDIUM795LOW59UNKNOWN3

Vulnerabilities

Page 76 of 112

CVE-2018-4155HIGHCVSS 7.0fixed in 11.32018-04-03

CVE-2018-4155 [HIGH] CWE-362 CVE-2018-4155: An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "CoreFoundation" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

nvdapple

CVE-2018-4128HIGHCVSS 8.8fixed in 11.32018-04-03

CVE-2018-4128 [HIGH] CWE-119 CVE-2018-4128: An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 i An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (

nvdapple

CVE-2018-4118HIGHCVSS 8.8fixed in 11.32018-04-03

CVE-2018-4118 [HIGH] CWE-119 CVE-2018-4118: An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 i An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (

nvdapple

CVE-2017-7171HIGHCVSS 7.8fixed in 11.22018-04-03

CVE-2017-7171 [HIGH] CWE-119 CVE-2017-7171: An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "CoreAnimation" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a craf

nvdapple

CVE-2018-4157HIGHCVSS 7.0fixed in 11.32018-04-03

CVE-2018-4157 [HIGH] CWE-362 CVE-2018-4157: An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Quick Look" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

nvdapple

CVE-2018-4121HIGHCVSS 8.8PoCfixed in 11.32018-04-03

CVE-2018-4121 [HIGH] CWE-119 CVE-2018-4121: An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 i An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary cod

nvdapple

CVE-2017-13885HIGHCVSS 8.8fixed in 11.22018-04-03

CVE-2017-13885 [HIGH] CWE-119 CVE-2017-13885: An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of servi

nvdapple

CVE-2017-7172HIGHCVSS 7.8fixed in 11.22018-04-03

CVE-2017-7172 [HIGH] CWE-119 CVE-2017-7172: An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "CFNetwork Session" component. It allows attackers to execute arbitra

nvdapple

CVE-2018-4127HIGHCVSS 8.8fixed in 11.32018-04-03

CVE-2018-4127 [HIGH] CWE-119 CVE-2018-4127: An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 i An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (

nvdapple

CVE-2017-7065HIGHCVSS 8.8fixed in 10.2.22018-04-03

CVE-2017-7065 [HIGH] CWE-119 CVE-2017-7065: An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. The issue involves the "Wi-Fi" component. It allows remote attackers to execute arbitrary code (on the Wi-Fi chip) or cause a denial of service (memory corruption) by leveraging proximity for 802.11.

nvdapple

CVE-2017-13884HIGHCVSS 8.8fixed in 11.22018-04-03

CVE-2017-13884 [HIGH] CWE-119 CVE-2017-13884: An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary

nvdapple

CVE-2018-4125HIGHCVSS 8.8fixed in 11.32018-04-03

CVE-2018-4125 [HIGH] CWE-119 CVE-2018-4125: An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 i An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary cod

nvdapple

CVE-2018-4165HIGHCVSS 8.8fixed in 11.32018-04-03

CVE-2018-4165 [HIGH] CWE-119 CVE-2018-4165: An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 i An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (

nvdapple

CVE-2018-4166HIGHCVSS 7.0fixed in 11.32018-04-03

CVE-2018-4166 [HIGH] CWE-362 CVE-2018-4166: An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "NSURLSession" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

nvdapple

CVE-2018-4167HIGHCVSS 7.0fixed in 11.32018-04-03

CVE-2018-4167 [HIGH] CWE-362 CVE-2018-4167: An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "File System Events" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

nvdapple

CVE-2018-4122HIGHCVSS 8.8fixed in 11.32018-04-03

CVE-2018-4122 [HIGH] CWE-119 CVE-2018-4122: An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 i An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary cod

nvdapple

CVE-2018-4119HIGHCVSS 8.8fixed in 11.32018-04-03

CVE-2018-4119 [HIGH] CWE-119 CVE-2018-4119: An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 i An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (

nvdapple

CVE-2018-4150HIGHCVSS 7.8fixed in 11.32018-04-03

CVE-2018-4150 [HIGH] CWE-119 CVE-2018-4150: An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app

nvdapple

CVE-2018-4114HIGHCVSS 8.8fixed in 11.32018-04-03

CVE-2018-4114 [HIGH] CWE-119 CVE-2018-4114: An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 i An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary cod

nvdapple

CVE-2017-13904HIGHCVSS 7.8fixed in 11.22018-04-03

CVE-2017-13904 [HIGH] CWE-119 CVE-2017-13904: An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted a

nvdapple

← Previous76 / 112Next →