Tvos Security Vulnerabilities and Issues — Page 15 of Tvos CVE List

Lucene search

AppleTvos

1896 matches found

CVE•added 2022/12/15 7:15 p.m.•92 views

CVE-2022-46695

A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Visiting a website that frames malicious content may lead to UI spoof...

6.5CVSS6.2AI score0.00118EPSS

CVE•added 2023/02/27 8:15 p.m.•92 views

CVE-2023-23504

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7AI score0.00055EPSS

CVE•added 2016/09/25 10:59 a.m.•91 views

CVE-2016-4735

WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4733, and CVE-2016-4734.

9.3CVSS8.4AI score0.08398EPSS

CVE•added 2017/12/25 9:29 p.m.•91 views

CVE-2017-13855

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted ap...

5.5CVSS4.8AI score0.06249EPSS

Web

CVE•added 2017/07/20 4:29 p.m.•91 views

CVE-2017-7034

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote at...

8.8CVSS8.1AI score0.00513EPSS

CVE•added 2017/10/23 1:29 a.m.•91 views

CVE-2017-7102

An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execu...

8.8CVSS7.7AI score0.00513EPSS

CVE•added 2020/10/27 8:15 p.m.•91 views

CVE-2019-8746

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. ...

9.8CVSS8.2AI score0.02306EPSS

CVE•added 2020/10/27 8:15 p.m.•91 views

CVE-2019-8832

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code w...

9.3CVSS7.6AI score0.00484EPSS

CVE•added 2020/10/27 9:15 p.m.•91 views

CVE-2019-8850

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may disclose res...

5.5CVSS5.8AI score0.00299EPSS

CVE•added 2020/12/08 9:15 p.m.•91 views

CVE-2020-27911

An integer overflow was addressed through improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. A remote attacker may be able to cause unexpected application termination or arbitra...

9.3CVSS7.7AI score0.02512EPSS

CVE•added 2020/10/16 5:15 p.m.•91 views

CVE-2020-9916

A URL Unicode encoding issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker may be able to conceal the destin...

5.3CVSS5.8AI score0.00526EPSS

CVE•added 2020/12/08 8:15 p.m.•91 views

CVE-2020-9966

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. An application may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.2AI score0.00788EPSS

CVE•added 2021/09/08 3:15 p.m.•91 views

CVE-2021-1808

A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to read restricted memory.

7.5CVSS7.2AI score0.00542EPSS

CVE•added 2021/09/08 3:15 p.m.•91 views

CVE-2021-1809

A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to read restricted memory.

7.5CVSS7.2AI score0.00542EPSS

CVE•added 2021/09/08 3:15 p.m.•91 views

CVE-2021-30686

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted audio file may disclose restricted memory.

5.5CVSS5.5AI score0.00296EPSS

CVE•added 2021/09/08 3:15 p.m.•91 views

CVE-2021-30701

This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.7AI score0.00727EPSS

CVE•added 2021/09/08 2:15 p.m.•91 views

CVE-2021-30736

A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.7AI score0.00382EPSS

CVE•added 2021/08/24 7:15 p.m.•91 views

CVE-2021-30886

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.6AI score0.00587EPSS

CVE•added 2022/08/24 8:15 p.m.•91 views

CVE-2022-32793

Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory.

7.5CVSS7.3AI score0.00235EPSS

CVE•added 2022/12/15 7:15 p.m.•91 views

CVE-2022-42855

A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2. An app may be able to use arbitrary entitlements.

7.1CVSS6.8AI score0.00018EPSS

CVE•added 2023/05/08 8:15 p.m.•91 views

CVE-2023-23527

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. A user may gain access to protected parts of the file system.

5.5CVSS4.4AI score0.00041EPSS

CVE•added 2024/07/29 11:15 p.m.•91 views

CVE-2024-40776

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process cr...

6.5CVSS6AI score0.02946EPSS

CVE•added 2017/12/25 9:29 p.m.•90 views

CVE-2017-13867

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a...

9.3CVSS7.3AI score0.02252EPSS

Web

CVE•added 2019/12/18 6:15 p.m.•90 views

CVE-2019-8602

A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to elevate privileges.

7.8CVSS7.7AI score0.0077EPSS

CVE•added 2020/12/08 9:15 p.m.•90 views

CVE-2020-27912

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. Processing a maliciously crafted image may lead to arbitrary code execution.

9.3CVSS7.5AI score0.00989EPSS

CVE•added 2020/06/09 5:15 p.m.•90 views

CVE-2020-9816

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.

9.3CVSS7.8AI score0.00484EPSS

CVE•added 2020/10/22 6:15 p.m.•90 views

CVE-2020-9875

An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to ...

7.8CVSS8.3AI score0.00344EPSS

CVE•added 2021/09/08 3:15 p.m.•90 views

CVE-2021-1740

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A local user may be able to modify protected parts of the file system.

5.5CVSS5.5AI score0.00069EPSS

CVE•added 2021/04/02 6:15 p.m.•90 views

CVE-2021-1772

A stack overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted text file may lead to arbitrary code execu...

7.8CVSS7.6AI score0.00683EPSS

CVE•added 2021/09/08 3:15 p.m.•90 views

CVE-2021-1849

An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A malicious application may be able to bypass Privacy preferences.

7.5CVSS7.2AI score0.00154EPSS

CVE•added 2021/09/08 3:15 p.m.•90 views

CVE-2021-30704

A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. An application may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.8AI score0.00361EPSS

CVE•added 2021/10/28 7:15 p.m.•90 views

CVE-2021-30831

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted font may result in the disclosure of process memory.

5.5CVSS5.6AI score0.00244EPSS

CVE•added 2022/03/18 6:15 p.m.•90 views

CVE-2022-22615

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.9AI score0.00284EPSS

CVE•added 2023/09/27 3:19 p.m.•90 views

CVE-2023-40391

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, macOS Sonoma 14, Xcode 15. An app may be able to disclose kernel memory.

5.5CVSS4.9AI score0.00022EPSS

CVE•added 2024/07/29 11:15 p.m.•90 views

CVE-2024-27826

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6.8, macOS Sonoma 14.5, macOS Monterey 12.7.6, watchOS 10.5, visionOS 1.3, tvOS 17.5, iOS 17.5 and iPadOS 17.5. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7AI score0.0007EPSS

CVE•added 2024/07/29 11:15 p.m.•90 views

CVE-2024-40779

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash...

5.5CVSS5.9AI score0.00127EPSS

CVE•added 2024/09/17 12:15 a.m.•90 views

CVE-2024-44191

This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, Xcode 16, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. An app may gain unauthorized access to Bluetooth.

5.5CVSS6.3AI score0.00043EPSS

CVE•added 2024/10/28 9:15 p.m.•90 views

CVE-2024-44296

The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.

5.4CVSS6AI score0.00381EPSS

CVE•added 2017/04/02 1:59 a.m.•89 views

CVE-2017-2460

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applicati...

8.8CVSS8AI score0.04408EPSS

Web

CVE•added 2017/12/27 5:8 p.m.•89 views

CVE-2017-7160

An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attacker...

8.8CVSS7.7AI score0.00889EPSS

CVE•added 2019/12/18 6:15 p.m.•89 views

CVE-2019-8628

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.8AI score0.00588EPSS

CVE•added 2020/10/27 9:15 p.m.•89 views

CVE-2019-8898

An information disclosure issue existed in the handling of the Storage Access API. This issue was addressed with improved logic. This issue is fixed in iOS 13.3 and iPadOS 13.3, tvOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows. Visiting a maliciously crafted website may reveal sites a user has ...

4.3CVSS4.7AI score0.00456EPSS

CVE•added 2020/02/27 9:15 p.m.•89 views

CVE-2020-3856

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted string may lead to heap corruption.

9.3CVSS7.2AI score0.00352EPSS

CVE•added 2021/04/02 6:15 p.m.•89 views

CVE-2021-1776

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted font file may lead to arbitrary...

7.8CVSS7.8AI score0.00359EPSS

CVE•added 2021/09/08 3:15 p.m.•89 views

CVE-2021-1885

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS8AI score0.00462EPSS

CVE•added 2021/09/08 3:15 p.m.•89 views

CVE-2021-30697

A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A local user may be able to leak sensitive user information.

5.5CVSS5.4AI score0.00061EPSS

CVE•added 2021/09/08 3:15 p.m.•89 views

CVE-2021-30707

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted audio file may lead to arbitrary code execution.

8.8CVSS8.1AI score0.01204EPSS

CVE•added 2021/09/08 2:15 p.m.•89 views

CVE-2021-30727

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. A malicious application may be able to modify protected parts of the file system.

5.5CVSS5.3AI score0.00235EPSS

CVE•added 2021/10/19 2:15 p.m.•89 views

CVE-2021-30841

This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution.

7.8CVSS7.7AI score0.0027EPSS

CVE•added 2021/10/19 2:15 p.m.•89 views

CVE-2021-30842

7.8CVSS7.7AI score0.0027EPSS

Total number of security vulnerabilities1896