Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
AppleTvos

1896 matches found

cve
cveadded 2015/12/11 12:0 p.m.55 views

CVE-2015-7105

CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.

6.8CVSS9AI score0.02531EPSS
cve
cveadded 2017/02/20 8:59 a.m.55 views

CVE-2016-7584

An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "AppleMobileFileIntegrity" component, which allows remote attackers to spoof signed code by using ...

7.8CVSS6.6AI score0.00289EPSS
cve
cveadded 2017/05/22 5:29 a.m.55 views

CVE-2017-6987

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a craf...

5.5CVSS5.4AI score0.00242EPSS
cve
cveadded 2020/10/27 8:15 p.m.55 views

CVE-2018-4381

A resource exhaustion issue was addressed with improved input validation. This issue is fixed in tvOS 12.1, iOS 12.1. Processing a maliciously crafted message may lead to a denial of service.

5.5CVSS5.2AI score0.00143EPSS
cve
cveadded 2023/06/23 6:15 p.m.55 views

CVE-2023-32415

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to read sensitive location information.

5.5CVSS4.9AI score0.00036EPSS
cve
cveadded 2023/09/06 2:15 a.m.55 views

CVE-2023-32428

This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to gain root privileges.

7.8CVSS7.3AI score0.00912EPSS
cve
cveadded 2024/10/28 9:15 p.m.55 views

CVE-2024-44252

A logic issue was addressed with improved file handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, tvOS 18.1. Restoring a maliciously crafted backup file may lead to modification of protected system files.

7.1CVSS5.5AI score0.00058EPSS
cve
cveadded 2025/03/17 8:15 p.m.55 views

CVE-2024-54525

A logic issue was addressed with improved file handling. This issue is fixed in visionOS 2.2, watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. Restoring a maliciously crafted backup file may lead to modification of protected system files.

8.8CVSS5.7AI score0.00641EPSS
Web
cve
cveadded 2025/01/27 10:15 p.m.55 views

CVE-2025-24129

A type confusion issue was addressed with improved checks. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A remote attacker may cause an unexpected app termination.

7.5CVSS6AI score0.00243EPSS
cve
cveadded 2025/04/29 3:15 a.m.55 views

CVE-2025-24251

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, watchOS 11.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination.

6.5CVSS7.8AI score0.00027EPSS
cve
cveadded 2025/04/29 3:15 a.m.55 views

CVE-2025-31197

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination.

5.7CVSS7.8AI score0.00036EPSS
cve
cveadded 2014/09/18 10:55 a.m.54 views

CVE-2014-4375

Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports.

7.8CVSS7.3AI score0.00054EPSS
cve
cveadded 2014/11/18 11:59 a.m.54 views

CVE-2014-4452

WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4462.

5.4CVSS7.7AI score0.01266EPSS
cve
cveadded 2014/12/10 9:59 p.m.54 views

CVE-2014-4469

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-...

6.8CVSS7.8AI score0.00843EPSS
cve
cveadded 2014/12/10 9:59 p.m.54 views

CVE-2014-4473

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-...

6.8CVSS7.8AI score0.00843EPSS
cve
cveadded 2015/01/30 11:59 a.m.54 views

CVE-2014-4481

Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.

6.8CVSS5.1AI score0.08613EPSS
cve
cveadded 2015/04/10 2:59 p.m.54 views

CVE-2015-1095

IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HID device.

7.2CVSS7.2AI score0.00216EPSS
cve
cveadded 2015/12/11 11:59 a.m.54 views

CVE-2015-7041

The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7042, and CVE-2015-7043.

4.3CVSS7.6AI score0.01078EPSS
cve
cveadded 2015/12/11 11:59 a.m.54 views

CVE-2015-7046

The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with root privileges.

2.6CVSS7.8AI score0.00738EPSS
cve
cveadded 2015/12/11 11:59 a.m.54 views

CVE-2015-7074

CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.

6.8CVSS9AI score0.02828EPSS
cve
cveadded 2016/07/22 2:59 a.m.54 views

CVE-2016-4582

The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4653.

7.8CVSS7.6AI score0.00268EPSS
cve
cveadded 2017/05/22 5:29 a.m.54 views

CVE-2017-2513

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. A use-after-free vulnerability allows remote attackers to execute arbitrar...

9.8CVSS8.7AI score0.01982EPSS
cve
cveadded 2017/05/22 5:29 a.m.54 views

CVE-2017-2522

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "CoreFoundation" component. It allows remote attackers to execute arbitrary code or cause a de...

9.8CVSS8.7AI score0.13046EPSS
cve
cveadded 2017/05/22 5:29 a.m.54 views

CVE-2017-6979

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "IOSurface" component. A race condition allows attackers to execute arbitrary code in a privil...

7.6CVSS7.3AI score0.02343EPSS
cve
cveadded 2019/04/03 6:29 p.m.54 views

CVE-2018-4460

A denial of service issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.

6.5CVSS6.1AI score0.00702EPSS
cve
cveadded 2020/10/27 8:15 p.m.54 views

CVE-2018-4474

A memory consumption issue was addressed with improved memory handling. This issue is fixed in iCloud for Windows 7.7, watchOS 5, Safari 12, iOS 12, iTunes 12.9 for Windows, tvOS 12. Unexpected interaction causes an ASSERT failure.

7.5CVSS7.1AI score0.00862EPSS
cve
cveadded 2022/11/01 8:15 p.m.54 views

CVE-2022-32925

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to cause unexpected system termination or write kernel memory.

7.1CVSS6.8AI score0.00071EPSS
cve
cveadded 2024/07/29 9:15 p.m.54 views

CVE-2023-40396

The issue was addressed with improved memory handling. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7AI score0.00193EPSS
cve
cveadded 2023/09/27 3:19 p.m.54 views

CVE-2023-40520

The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10. An app may be able to access edited photos saved to a temporary directory.

3.3CVSS2.8AI score0.0003EPSS
cve
cveadded 2024/12/12 2:15 a.m.54 views

CVE-2024-54501

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Processing a maliciously crafted file may lead to a denial of service.

5.5CVSS5.7AI score0.00061EPSS
cve
cveadded 2024/12/12 2:15 a.m.54 views

CVE-2024-54513

A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An app may be able to access sensitive user data.

5.7CVSS5.5AI score0.00028EPSS
cve
cveadded 2025/04/29 3:15 a.m.54 views

CVE-2025-30445

A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination.

6.5CVSS7.8AI score0.00039EPSS
cve
cveadded 2013/12/18 4:4 p.m.53 views

CVE-2013-5197

WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.

6.8CVSS7.8AI score0.02121EPSS
cve
cveadded 2014/04/23 11:52 a.m.53 views

CVE-2014-1296

CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allows remote attackers to bypass intended access restrictions by triggering the closing of a TCP connect...

4.3CVSS5.9AI score0.00207EPSS
cve
cveadded 2014/07/01 10:17 a.m.53 views

CVE-2014-1363

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other...

6.8CVSS7.8AI score0.01171EPSS
cve
cveadded 2014/09/18 10:55 a.m.53 views

CVE-2014-4407

IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls.

4.3CVSS3.7AI score0.00215EPSS
cve
cveadded 2014/09/18 10:55 a.m.53 views

CVE-2014-4418

IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-...

9.3CVSS7.5AI score0.00543EPSS
cve
cveadded 2015/03/18 10:59 p.m.53 views

CVE-2015-1072

WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03...

6.8CVSS8.8AI score0.00787EPSS
cve
cveadded 2015/04/10 2:59 p.m.53 views

CVE-2015-1124

WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerabi...

6.8CVSS8.9AI score0.00913EPSS
cve
cveadded 2015/12/11 11:59 a.m.53 views

CVE-2015-7059

The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7060 and CVE-2015-7061.

6.8CVSS9.1AI score0.01371EPSS
cve
cveadded 2015/12/11 11:59 a.m.53 views

CVE-2015-7100

WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2...

6.8CVSS8.9AI score0.01093EPSS
cve
cveadded 2015/12/11 12:0 p.m.53 views

CVE-2015-7112

The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7111.

9.3CVSS8.8AI score0.19674EPSS
Web
cve
cveadded 2016/02/01 11:59 a.m.53 views

CVE-2016-1717

The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

7.8CVSS7AI score0.00083EPSS
cve
cveadded 2016/02/01 11:59 a.m.53 views

CVE-2016-1722

syslog in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

7.8CVSS7AI score0.00083EPSS
cve
cveadded 2016/05/20 10:59 a.m.53 views

CVE-2016-1808

The Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS7.6AI score0.00353EPSS
cve
cveadded 2016/07/22 2:59 a.m.53 views

CVE-2016-4637

CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted BMP image.

8.8CVSS8.9AI score0.02898EPSS
Web
cve
cveadded 2017/02/20 8:59 a.m.53 views

CVE-2016-4680

An issue was discovered in certain Apple products. iOS before 10.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app.

5.5CVSS4.6AI score0.00247EPSS
cve
cveadded 2017/11/13 3:29 a.m.53 views

CVE-2017-13799

An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a...

9.3CVSS7.7AI score0.00386EPSS
cve
cveadded 2017/11/13 3:29 a.m.53 views

CVE-2017-13852

An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to monitor arbitrary apps via a crafted app that accesses pr...

4.3CVSS4AI score0.00228EPSS
cve
cveadded 2017/05/22 5:29 a.m.53 views

CVE-2017-2502

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "CoreAudio" component. It allows attackers to bypass intended memory-read restrictions via a c...

5.5CVSS5.4AI score0.00265EPSS
Total number of security vulnerabilities1896