Apple

tvOS

1926 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2015-7040

  • EPSS 1.08%
  • Veröffentlicht 11.12.2015 11:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7041, CVE-2015-7042, and CVE-2015-7043.

6.8

CVE-2015-7039

  • EPSS 27.36%
  • Veröffentlicht 11.12.2015 11:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7038.

6.8

CVE-2015-7038

  • EPSS 6.46%
  • Veröffentlicht 11.12.2015 11:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7039.

6.8

CVE-2015-7001

  • EPSS 0.91%
  • Veröffentlicht 11.12.2015 11:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

AppSandbox in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 mishandles hard links, which allows attackers to bypass Contacts access revocation via a crafted app.

2.6

CVE-2015-8035

Exploit
  • EPSS 1.05%
  • Veröffentlicht 18.11.2015 16:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.

6.8

CVE-2015-7942

Exploit
  • EPSS 1.46%
  • Veröffentlicht 18.11.2015 16:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via...

5

CVE-2015-7995

Exploit
  • EPSS 3.04%
  • Veröffentlicht 17.11.2015 15:59:16
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.

4.3

CVE-2015-3807

  • EPSS 2.37%
  • Veröffentlicht 17.08.2015 00:00:22
  • Zuletzt bearbeitet 12.04.2025 10:46:40

libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document.

5

CVE-2015-1819

  • EPSS 4.92%
  • Veröffentlicht 14.08.2015 18:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.

6.8

CVE-2015-1124

  • EPSS 0.91%
  • Veröffentlicht 10.04.2015 14:59:38
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application cra...