Apple

tvOS

1890 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2016-4448

  • EPSS 1.2%
  • Veröffentlicht 09.06.2016 16:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.

7.5

CVE-2016-4447

Exploit
  • EPSS 3.33%
  • Veröffentlicht 09.06.2016 16:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.

8.8

CVE-2016-1859

  • EPSS 0.59%
  • Veröffentlicht 20.05.2016 11:00:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The WebKit Canvas implementation in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

6.5

CVE-2016-1858

  • EPSS 1.33%
  • Veröffentlicht 20.05.2016 11:00:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly tracks taint attributes, which allows remote attackers to obtain sensitive information via a crafted web site.

8.8

CVE-2016-1857

  • EPSS 1.36%
  • Veröffentlicht 20.05.2016 11:00:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-...

8.8

CVE-2016-1856

  • EPSS 0.59%
  • Veröffentlicht 20.05.2016 11:00:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-...

8.8

CVE-2016-1854

  • EPSS 0.59%
  • Veröffentlicht 20.05.2016 11:00:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-...

8.8

CVE-2016-1855

  • EPSS 0.71%
  • Veröffentlicht 20.05.2016 11:00:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-...

8.8

CVE-2016-1847

  • EPSS 0.86%
  • Veröffentlicht 20.05.2016 11:00:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

OpenGL, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

8.8

CVE-2016-1841

  • EPSS 1.68%
  • Veröffentlicht 20.05.2016 10:59:55
  • Zuletzt bearbeitet 12.04.2025 10:46:40

libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.