Apple tvOS vulnerabilities

2,227 known vulnerabilities affecting apple/tvos.

Total CVEs
2,227
CISA KEV
41
actively exploited
Public exploits
199
Exploited in wild
31
Severity breakdown
CRITICAL148HIGH1222MEDIUM795LOW59UNKNOWN3

Vulnerabilities

Page 96 of 112
CVE-2016-4725HIGHCVSS 8.1fixed in 10.02016-09-25
CVE-2016-4725 [HIGH] CWE-119 CVE-2016-4725: IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted web site.
nvdapple
CVE-2016-4768HIGHCVSS 8.8fixed in 10.02016-09-25
CVE-2016-4768 [HIGH] CVE-2016-4768: WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4767.
nvdapple
CVE-2016-4611HIGHCVSS 8.8fixed in 10.02016-09-25
CVE-2016-4611 [HIGH] CWE-119 CVE-2016-4611: WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execu WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4730, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735.
nvdapple
CVE-2016-4767HIGHCVSS 8.8fixed in 10.02016-09-25
CVE-2016-4767 [HIGH] CVE-2016-4767: WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4768.
nvdapple
CVE-2016-4733HIGHCVSS 7.8fixed in 10.02016-09-25
CVE-2016-4733 [HIGH] CVE-2016-4733: WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execu WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4734, and CVE-2016-4735.
nvdapple
CVE-2016-4776HIGHCVSS 7.1fixed in 10.02016-09-25
CVE-2016-4776 [HIGH] CVE-2016-4776: The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows at The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4774.
nvdapple
CVE-2016-4728HIGHCVSS 8.8fixed in 10.02016-09-25
CVE-2016-4728 [HIGH] CWE-20 CVE-2016-4728: WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 mishandles error prototypes, which allows remote attackers to execute arbitrary code via a crafted web site.
nvdapple
CVE-2016-4778HIGHCVSS 7.8fixed in 10.02016-09-25
CVE-2016-4778 [HIGH] CWE-264 CVE-2016-4778: The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows at The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
nvdapple
CVE-2016-4712HIGHCVSS 7.8fixed in 10.02016-09-25
CVE-2016-4712 [HIGH] CWE-787 CVE-2016-4712: CoreCrypto in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows at CoreCrypto in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.
nvdapple
CVE-2016-4765HIGHCVSS 8.8fixed in 10.02016-09-25
CVE-2016-4765 [HIGH] CVE-2016-4765: WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4766, CVE-2016-4767, and CVE-2016-4768.
nvdapple
CVE-2016-4735HIGHCVSS 8.8fixed in 10.02016-09-25
CVE-2016-4735 [HIGH] CVE-2016-4735: WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execu WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4733, and CVE-2016-4734.
nvdapple
CVE-2016-4753HIGHCVSS 7.8fixed in 10.02016-09-25
CVE-2016-4753 [HIGH] CWE-20 CVE-2016-4753: Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 mishandle signed disk i Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 mishandle signed disk images, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
nvdapple
CVE-2016-4774HIGHCVSS 7.1fixed in 10.02016-09-25
CVE-2016-4774 [HIGH] CVE-2016-4774: The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows at The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4776.
nvdapple
CVE-2016-4718MEDIUMCVSS 6.5fixed in 10.02016-09-25
CVE-2016-4718 [MEDIUM] CWE-119 CVE-2016-4718: Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory via a crafted font file.
nvdapple
CVE-2016-4708MEDIUMCVSS 6.5fixed in 10.02016-09-25
CVE-2016-4708 [MEDIUM] CWE-200 CVE-2016-4708: CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses the Set-Cookie header, which allows remote attackers to obtain sensitive information via a crafted HTTP response.
nvdapple
CVE-2016-5131HIGHCVSS 8.8fixed in 10.02016-07-23
CVE-2016-5131 [HIGH] CWE-416 CVE-2016-5131: Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
nvdapple
CVE-2016-4607CRITICALCVSS 9.8fixed in 9.2.22016-07-22
CVE-2016-4607 [CRITICAL] CWE-119 CVE-2016-4607: libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud befo libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4608, CVE-
nvdapple
CVE-2016-4616CRITICALCVSS 9.8fixed in 9.2.22016-07-22
CVE-2016-4616 [CRITICAL] CVE-2016-4616: libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud befo libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-461
nvdapple
CVE-2016-4614CRITICALCVSS 9.8fixed in 9.2.22016-07-22
CVE-2016-4614 [CRITICAL] CWE-787 CVE-2016-4614: libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud befo libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4615, CVE-
nvdapple
CVE-2016-4615CRITICALCVSS 9.8fixed in 9.2.22016-07-22
CVE-2016-4615 [CRITICAL] CVE-2016-4615: libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud befo libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-461
nvdapple
← Previous96 / 112Next →