Apple

tvOS

1890 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2015-7060

  • EPSS 1.37%
  • Published 11.12.2015 11:59:26
  • Last modified 12.04.2025 10:46:40

The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2...

4.3

CVE-2015-7058

  • EPSS 0.52%
  • Published 11.12.2015 11:59:24
  • Last modified 12.04.2025 10:46:40

Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 improperly validate keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app.

6.8

CVE-2015-7059

  • EPSS 1.37%
  • Published 11.12.2015 11:59:24
  • Last modified 12.04.2025 10:46:40

The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2...

9.3

CVE-2015-7055

  • EPSS 0.62%
  • Published 11.12.2015 11:59:21
  • Last modified 12.04.2025 10:46:40

AppleMobileFileIntegrity in Apple iOS before 9.2 and tvOS before 9.1 does not prevent changes to access-control structures, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

6.8

CVE-2015-7054

  • EPSS 1.14%
  • Published 11.12.2015 11:59:20
  • Last modified 12.04.2025 10:46:40

zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows remote attackers to execute arbitrary code via a crafte...

6.8

CVE-2015-7053

  • EPSS 3.4%
  • Published 11.12.2015 11:59:19
  • Last modified 12.04.2025 10:46:40

ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image.

9.3

CVE-2015-7051

  • EPSS 0.76%
  • Published 11.12.2015 11:59:17
  • Last modified 12.04.2025 10:46:40

MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 mishandles the timing of trust-cache loading, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

6.8

CVE-2015-7048

  • EPSS 1.01%
  • Published 11.12.2015 11:59:13
  • Last modified 12.04.2025 10:46:40

WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than C...

7.2

CVE-2015-7047

  • EPSS 0.75%
  • Published 11.12.2015 11:59:12
  • Last modified 12.04.2025 10:46:40

The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.

2.6

CVE-2015-7046

  • EPSS 0.74%
  • Published 11.12.2015 11:59:11
  • Last modified 12.04.2025 10:46:40

The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with r...