Apple

tvOS

1946 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2016-4712

  • EPSS 0.35%
  • Veröffentlicht 25.09.2016 10:59:19
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CoreCrypto in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.

6.5

CVE-2016-4708

  • EPSS 4.17%
  • Veröffentlicht 25.09.2016 10:59:15
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses the Set-Cookie header, which allows remote attackers to obtain sensitive information via a crafted HTTP response.

10

CVE-2016-4702

  • EPSS 14.12%
  • Veröffentlicht 25.09.2016 10:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10

CVE-2016-4658

  • EPSS 17.88%
  • Veröffentlicht 25.09.2016 10:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary co...

8.8

CVE-2016-4611

  • EPSS 0.92%
  • Veröffentlicht 25.09.2016 10:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4730, CVE-2016-4733...

8.8

CVE-2016-5131

  • EPSS 2.92%
  • Veröffentlicht 23.07.2016 19:59:13
  • Zuletzt bearbeitet 04.12.2025 17:15:49

Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.

7.8

CVE-2016-4653

  • EPSS 0.08%
  • Veröffentlicht 22.07.2016 03:00:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-...

8.8

CVE-2016-4637

Exploit
  • EPSS 2.1%
  • Veröffentlicht 22.07.2016 02:59:57
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted BMP image.

7.5

CVE-2016-4632

  • EPSS 2.62%
  • Veröffentlicht 22.07.2016 02:59:53
  • Zuletzt bearbeitet 12.04.2025 10:46:40

ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

8.8

CVE-2016-4631

  • EPSS 2.71%
  • Veröffentlicht 22.07.2016 02:59:51
  • Zuletzt bearbeitet 12.04.2025 10:46:40

ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF file.