Filtered by vendor Apple
Subscriptions
Filtered by product Tvos
Subscriptions
Total
1697 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2015-7061 | 1 Apple | 3 Mac Os X, Tvos, Watchos | 2024-08-06 | N/A |
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7060. | ||||
CVE-2015-7045 | 1 Apple | 2 Mac Os X, Tvos | 2024-08-06 | N/A |
Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 improperly interacts with Keychain Agent, which allows attackers to spoof the Keychain Server via unspecified vectors. | ||||
CVE-2015-7001 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-08-06 | N/A |
AppSandbox in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 mishandles hard links, which allows attackers to bypass Contacts access revocation via a crafted app. | ||||
CVE-2015-7038 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-08-06 | N/A |
Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7039. | ||||
CVE-2015-5312 | 6 Apple, Canonical, Debian and 3 more | 15 Iphone Os, Mac Os X, Tvos and 12 more | 2024-08-06 | N/A |
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660. | ||||
CVE-2015-3807 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document. | ||||
CVE-2015-1819 | 8 Apple, Canonical, Debian and 5 more | 12 Iphone Os, Mac Os X, Tvos and 9 more | 2024-08-06 | N/A |
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. | ||||
CVE-2015-1099 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
Race condition in the setreuid system-call implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service via a crafted app. | ||||
CVE-2015-1081 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | ||||
CVE-2015-1124 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. | ||||
CVE-2015-1117 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
The (1) setreuid and (2) setregid system-call implementations in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 do not properly perform privilege drops, which makes it easier for attackers to execute code with unintended user or group privileges via a crafted app. | ||||
CVE-2015-1097 | 1 Apple | 2 Iphone Os, Tvos | 2024-08-06 | N/A |
IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. | ||||
CVE-2015-1094 | 1 Apple | 2 Iphone Os, Tvos | 2024-08-06 | N/A |
IOAcceleratorFamily in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. | ||||
CVE-2015-1118 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
libnetcore in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (memory corruption and application crash) via a crafted configuration profile. | ||||
CVE-2015-1110 | 1 Apple | 2 Iphone Os, Tvos | 2024-08-06 | N/A |
The Podcasts component in Apple iOS before 8.3 and Apple TV before 7.2 allows remote attackers to discover unique identifiers by reading asset-download request data. | ||||
CVE-2015-1069 | 1 Apple | 5 Iphone Os, Itunes, Mac Os X and 2 more | 2024-08-06 | N/A |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | ||||
CVE-2015-1062 | 1 Apple | 2 Iphone Os, Tvos | 2024-08-06 | N/A |
MobileStorageMounter in Apple iOS before 8.2 and Apple TV before 7.1 does not delete invalid disk-image folders, which allows attackers to create folders in arbitrary filesystem locations via a crafted app. | ||||
CVE-2015-1073 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | ||||
CVE-2015-1122 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. | ||||
CVE-2015-1086 | 1 Apple | 2 Iphone Os, Tvos | 2024-08-06 | N/A |
The Audio Drivers subsystem in Apple iOS before 8.3 and Apple TV before 7.2 does not properly validate IOKit object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted app. |