Tvos@7.1 Security Vulnerabilities and Issues — Tvos@7.1 CVE List

Lucene search

AppleTvos7.1

38 matches found

CVE•added 2015/03/18 10:59 p.m.•74 views

CVE-2015-1069

WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03...

6.8CVSS8.8AI score0.00872EPSS

CVE•added 2015/03/18 10:59 p.m.•72 views

CVE-2015-1071

6.8CVSS8.8AI score0.00805EPSS

CVE•added 2015/04/10 2:59 p.m.•70 views

CVE-2015-1096

IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app.

1.9CVSS4.7AI score0.00074EPSS

CVE•added 2015/04/10 2:59 p.m.•69 views

CVE-2015-1120

WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerabi...

6.8CVSS8.9AI score0.00781EPSS

CVE•added 2015/03/18 10:59 p.m.•68 views

CVE-2015-1077

6.8CVSS8.8AI score0.00913EPSS

CVE•added 2015/04/10 2:59 p.m.•67 views

CVE-2015-1117

The (1) setreuid and (2) setregid system-call implementations in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 do not properly perform privilege drops, which makes it easier for attackers to execute code with unintended user or group privileges via a crafted...

6.9CVSS6.6AI score0.00126EPSS

CVE•added 2015/04/10 2:59 p.m.•66 views

CVE-2015-1099

Race condition in the setreuid system-call implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service via a crafted app.

4CVSS6AI score0.00072EPSS

CVE•added 2015/04/10 2:59 p.m.•66 views

CVE-2015-1100

The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (out-of-bounds memory access) or obtain sensitive memory-content information via a crafted app.

5.4CVSS6.1AI score0.00252EPSS

CVE•added 2015/03/18 10:59 p.m.•61 views

CVE-2015-1078

6.8CVSS7.8AI score0.00913EPSS

CVE•added 2015/03/18 10:59 p.m.•61 views

CVE-2015-1083

6.8CVSS7.8AI score0.00861EPSS

CVE•added 2015/04/10 2:59 p.m.•61 views

CVE-2015-1105

The TCP implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly implement the Urgent (aka out-of-band data) mechanism, which allows remote attackers to cause a denial of service via crafted packets.

5CVSS6.2AI score0.06234EPSS

CVE•added 2015/03/18 10:59 p.m.•60 views

CVE-2015-1074

6.8CVSS7.8AI score0.00787EPSS

CVE•added 2015/03/18 10:59 p.m.•59 views

CVE-2015-1076

6.8CVSS8.8AI score0.00805EPSS

CVE•added 2015/04/10 2:59 p.m.•59 views

CVE-2015-1101

The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

6.9CVSS7AI score0.00071EPSS

CVE•added 2015/04/10 2:59 p.m.•58 views

CVE-2015-1104

The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly determine whether an IPv6 packet had a local origin, which allows remote attackers to bypass an intended network-filtering protection mechanism via a crafted packet.

5CVSS6AI score0.01373EPSS

CVE•added 2015/03/18 10:59 p.m.•57 views

CVE-2015-1079

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/03/18 10:59 p.m.•57 views

CVE-2015-1082

6.8CVSS8.8AI score0.00913EPSS

CVE•added 2015/04/10 2:59 p.m.•57 views

CVE-2015-1102

The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly handle TCP headers, which allows man-in-the-middle attackers to cause a denial of service via unspecified vectors.

7.1CVSS6AI score0.01687EPSS

CVE•added 2015/04/10 2:59 p.m.•57 views

CVE-2015-1121

6.8CVSS8.9AI score0.00843EPSS

CVE•added 2015/04/10 2:59 p.m.•56 views

CVE-2015-1103

The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 makes routing changes in response to ICMP_REDIRECT messages, which allows remote attackers to cause a denial of service (network outage) or obtain sensitive packet-content information via a crafted ICMP packet.

7.5CVSS6.2AI score0.01456EPSS

CVE•added 2015/03/18 10:59 p.m.•55 views

CVE-2015-1070

6.8CVSS8.8AI score0.00787EPSS

CVE•added 2015/03/18 10:59 p.m.•55 views

CVE-2015-1081

6.8CVSS8.8AI score0.00861EPSS

CVE•added 2015/04/10 2:59 p.m.•55 views

CVE-2015-1110

The Podcasts component in Apple iOS before 8.3 and Apple TV before 7.2 allows remote attackers to discover unique identifiers by reading asset-download request data.

5CVSS5.9AI score0.00735EPSS

CVE•added 2015/04/10 2:59 p.m.•55 views

CVE-2015-1118

libnetcore in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (memory corruption and application crash) via a crafted configuration profile.

5CVSS6.4AI score0.00875EPSS

CVE•added 2015/04/10 2:59 p.m.•55 views

CVE-2015-1119

6.8CVSS8.9AI score0.00913EPSS

CVE•added 2015/04/10 2:59 p.m.•55 views

CVE-2015-1122

6.8CVSS8.9AI score0.00836EPSS

CVE•added 2015/04/10 2:59 p.m.•54 views

CVE-2015-1095

IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HID device.

7.2CVSS7.2AI score0.00216EPSS

CVE•added 2015/03/18 10:59 p.m.•53 views

CVE-2015-1072

6.8CVSS8.8AI score0.00787EPSS

CVE•added 2015/04/10 2:59 p.m.•53 views

CVE-2015-1124

6.8CVSS8.9AI score0.00913EPSS

CVE•added 2015/03/18 10:59 p.m.•52 views

CVE-2015-1080

6.8CVSS7.8AI score0.00913EPSS

CVE•added 2015/04/10 2:59 p.m.•51 views

CVE-2015-1086

The Audio Drivers subsystem in Apple iOS before 8.3 and Apple TV before 7.2 does not properly validate IOKit object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

6.9CVSS6.8AI score0.00057EPSS

CVE•added 2015/03/18 10:59 p.m.•50 views

CVE-2015-1068

6.8CVSS8.8AI score0.00853EPSS

CVE•added 2015/03/18 10:59 p.m.•50 views

CVE-2015-1073

6.8CVSS8.8AI score0.00787EPSS

CVE•added 2015/04/10 2:59 p.m.•50 views

CVE-2015-1097

IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app.

1.9CVSS4.8AI score0.00074EPSS

CVE•added 2015/04/10 2:59 p.m.•48 views

CVE-2015-1094

IOAcceleratorFamily in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app.

1.9CVSS4.8AI score0.00074EPSS

CVE•added 2015/04/10 2:59 p.m.•44 views

CVE-2015-1114

The Sandbox Profiles component in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to discover hardware identifiers via a crafted app.

1.9CVSS5.6AI score0.00074EPSS

CVE•added 2015/04/10 2:59 p.m.•44 views

CVE-2015-1123

WebKit, as used in Apple iOS before 8.3 and Apple TV before 7.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-3 and APPL...

6.8CVSS7.9AI score0.02011EPSS

CVE•added 2015/04/10 2:59 p.m.•41 views

CVE-2015-1092

NSXMLParser in Foundation in Apple iOS before 8.3 and Apple TV before 7.2 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

5CVSS6AI score0.00823EPSS