U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:apple:tvos:2.2.0:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 1,624 matching records.
Displaying matches 1,401 through 1,420.
Vuln ID Summary CVSS Severity
CVE-2016-1751

The kernel in Apple iOS before 9.3, tvOS before 9.2, and watchOS before 2.2 does not properly restrict the execute permission, which allows attackers to bypass a code-signing protection mechanism via a crafted app.

Published: March 23, 2016; 9:59:21 PM -0400
V3.0: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2016-1750

Use-after-free vulnerability in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context via a crafted app.

Published: March 23, 2016; 9:59:20 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-1748

IOHIDFamily in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.

Published: March 23, 2016; 9:59:18 PM -0400
V3.0: 3.3 LOW
V2.0: 4.3 MEDIUM
CVE-2016-1740

FontParser in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document.

Published: March 23, 2016; 9:59:11 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-1950

Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.

Published: March 13, 2016; 2:59:00 PM -0400
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2016-0802

The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25306181.

Published: February 06, 2016; 8:59:01 PM -0500
V3.0: 8.8 HIGH
V2.0: 8.3 HIGH
CVE-2016-0801

The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029.

Published: February 06, 2016; 8:59:00 PM -0500
V3.0: 9.8 CRITICAL
V2.0: 8.3 HIGH
CVE-2016-1727

WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1724.

Published: February 01, 2016; 6:59:12 AM -0500
V3.0: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-1724

WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1727.

Published: February 01, 2016; 6:59:09 AM -0500
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2016-1722

syslog in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

Published: February 01, 2016; 6:59:06 AM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-1721

The kernel in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

Published: February 01, 2016; 6:59:05 AM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-1720

IOKit in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

Published: February 01, 2016; 6:59:04 AM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-1719

The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

Published: February 01, 2016; 6:59:03 AM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-1717

The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

Published: February 01, 2016; 6:59:01 AM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2015-8659

The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.

Published: January 12, 2016; 2:59:13 PM -0500
V3.0: 10.0 CRITICAL
V2.0: 10.0 HIGH
CVE-2015-7116

libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7115.

Published: January 09, 2016; 10:59:01 PM -0500
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2015-7115

libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7116.

Published: January 09, 2016; 10:59:00 PM -0500
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2015-8242

The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.

Published: December 15, 2015; 4:59:07 PM -0500
V3.x:(not available)
V2.0: 5.8 MEDIUM
CVE-2015-7500

The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.

Published: December 15, 2015; 4:59:05 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-7499

Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.

Published: December 15, 2015; 4:59:03 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM