Apple

tvOS

2009 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2016-4447

Exploit
  • EPSS 2.66%
  • Veröffentlicht 09.06.2016 16:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.

8.8

CVE-2016-1859

  • EPSS 0.82%
  • Veröffentlicht 20.05.2016 11:00:13
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The WebKit Canvas implementation in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

6.5

CVE-2016-1858

  • EPSS 1.33%
  • Veröffentlicht 20.05.2016 11:00:12
  • Zuletzt bearbeitet 06.05.2026 22:30:45

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly tracks taint attributes, which allows remote attackers to obtain sensitive information via a crafted web site.

8.8

CVE-2016-1857

  • EPSS 1.89%
  • Veröffentlicht 20.05.2016 11:00:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-...

8.8

CVE-2016-1856

  • EPSS 0.59%
  • Veröffentlicht 20.05.2016 11:00:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-...

8.8

CVE-2016-1854

  • EPSS 0.59%
  • Veröffentlicht 20.05.2016 11:00:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-...

8.8

CVE-2016-1855

  • EPSS 0.71%
  • Veröffentlicht 20.05.2016 11:00:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-...

8.8

CVE-2016-1847

  • EPSS 0.86%
  • Veröffentlicht 20.05.2016 11:00:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

OpenGL, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

8.8

CVE-2016-1841

  • EPSS 1.68%
  • Veröffentlicht 20.05.2016 10:59:55
  • Zuletzt bearbeitet 06.05.2026 22:30:45

libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

7.8

CVE-2016-1840

Exploit
  • EPSS 1.59%
  • Veröffentlicht 20.05.2016 10:59:54
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause...