U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:apple:tvos:4.4.2:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 1,663 matching records.
Displaying matches 1,361 through 1,380.
Vuln ID Summary CVSS Severity
CVE-2016-4734

WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4733, and CVE-2016-4735.

Published: September 25, 2016; 6:59:37 AM -0400
V4.0:(not available)
V3.0: 9.6 CRITICAL
V2.0: 9.3 HIGH
CVE-2016-4733

WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4734, and CVE-2016-4735.

Published: September 25, 2016; 6:59:36 AM -0400
V4.0:(not available)
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-4730

WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735.

Published: September 25, 2016; 6:59:34 AM -0400
V4.0:(not available)
V3.0: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-4728

WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 mishandles error prototypes, which allows remote attackers to execute arbitrary code via a crafted web site.

Published: September 25, 2016; 6:59:32 AM -0400
V4.0:(not available)
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2016-4726

IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Published: September 25, 2016; 6:59:30 AM -0400
V4.0:(not available)
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-4725

IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted web site.

Published: September 25, 2016; 6:59:29 AM -0400
V4.0:(not available)
V3.0: 8.1 HIGH
V2.0: 5.8 MEDIUM
CVE-2016-4718

Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory via a crafted font file.

Published: September 25, 2016; 6:59:25 AM -0400
V4.0:(not available)
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-4712

CoreCrypto in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.

Published: September 25, 2016; 6:59:19 AM -0400
V4.0:(not available)
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-4708

CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses the Set-Cookie header, which allows remote attackers to obtain sensitive information via a crafted HTTP response.

Published: September 25, 2016; 6:59:15 AM -0400
V4.0:(not available)
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-4702

Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Published: September 25, 2016; 6:59:11 AM -0400
V4.0:(not available)
V3.0: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2016-4658

xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.

Published: September 25, 2016; 6:59:02 AM -0400
V4.0:(not available)
V3.0: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2016-4611

WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4730, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735.

Published: September 25, 2016; 6:59:00 AM -0400
V4.0:(not available)
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2016-5131

Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.

Published: July 23, 2016; 3:59:13 PM -0400
V4.0:(not available)
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2016-4653

The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4582.

Published: July 21, 2016; 11:00:11 PM -0400
V4.0:(not available)
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-4637

CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted BMP image.

Published: July 21, 2016; 10:59:57 PM -0400
V4.0:(not available)
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2016-4632

ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

Published: July 21, 2016; 10:59:53 PM -0400
V4.0:(not available)
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2016-4631

ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF file.

Published: July 21, 2016; 10:59:51 PM -0400
V4.0:(not available)
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2016-4627

IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.

Published: July 21, 2016; 10:59:47 PM -0400
V4.0:(not available)
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-4626

IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.

Published: July 21, 2016; 10:59:46 PM -0400
V4.0:(not available)
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-4624

WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4622, and CVE-2016-4623.

Published: July 21, 2016; 10:59:44 PM -0400
V4.0:(not available)
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM