) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:apple:tvos:7.0.2:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2016-1829 |
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1827, CVE-2016-1828, and CVE-2016-1830. Published: May 20, 2016; 6:59:42 AM -0400 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2016-1828 |
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1827, CVE-2016-1829, and CVE-2016-1830. Published: May 20, 2016; 6:59:41 AM -0400 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2016-1827 |
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1828, CVE-2016-1829, and CVE-2016-1830. Published: May 20, 2016; 6:59:40 AM -0400 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2016-1824 |
IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1823. Published: May 20, 2016; 6:59:37 AM -0400 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2016-1823 |
The IOHIDDevice::handleReportWithTime function in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read and memory corruption) via a crafted IOHIDReportType enum, which triggers an incorrect cast, a different vulnerability than CVE-2016-1824. Published: May 20, 2016; 6:59:36 AM -0400 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2016-1819 |
Use-after-free vulnerability in the IOAccelContext2::clientMemoryForType method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1817 and CVE-2016-1818. Published: May 20, 2016; 6:59:32 AM -0400 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2016-1818 |
IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1817 and CVE-2016-1819. Published: May 20, 2016; 6:59:31 AM -0400 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2016-1817 |
IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1818 and CVE-2016-1819. Published: May 20, 2016; 6:59:30 AM -0400 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2016-1814 |
IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app. Published: May 20, 2016; 6:59:27 AM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-1813 |
The IOAccelSharedUserClient2::page_off_resource method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. Published: May 20, 2016; 6:59:25 AM -0400 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2016-1811 |
ImageIO in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image. Published: May 20, 2016; 6:59:23 AM -0400 |
V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-1808 |
The Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Published: May 20, 2016; 6:59:20 AM -0400 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2016-1807 |
Race condition in the Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to obtain sensitive information from kernel memory via unspecified vectors. Published: May 20, 2016; 6:59:19 AM -0400 |
V3.0: 5.1 MEDIUM V2.0: 1.9 LOW |
| CVE-2016-1803 |
CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. Published: May 20, 2016; 6:59:15 AM -0400 |
V3.0: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2016-1802 |
CCCrypt in CommonCrypto in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 mishandles return values during key-length calculations, which allows attackers to obtain sensitive information via a crafted app. Published: May 20, 2016; 6:59:14 AM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-1801 |
The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 mishandles URLs in http and https requests, which allows remote attackers to obtain sensitive information via unspecified vectors. Published: May 20, 2016; 6:59:13 AM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2016-1784 |
The History implementation in WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to cause a denial of service (resource consumption and application crash) via a crafted web site. Published: March 23, 2016; 9:59:51 PM -0400 |
V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-1783 |
WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. Published: March 23, 2016; 9:59:50 PM -0400 |
V3.0: 8.8 HIGH V2.0: 9.3 HIGH |
| CVE-2016-1775 |
TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file. Published: March 23, 2016; 9:59:42 PM -0400 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2016-1762 |
The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. Published: March 23, 2016; 9:59:30 PM -0400 |
V3.0: 8.1 HIGH V2.0: 5.8 MEDIUM |