Vulnerabilities > Apple > Tvos > 5.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-07-22 | CVE-2016-4609 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4610, and CVE-2016-4612. | 9.8 |
| 2016-07-22 | CVE-2016-4607 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4608, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612. | 9.8 |
| 2016-07-22 | CVE-2016-4594 | Improper Input Validation vulnerability in Apple products The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an API call. | 6.8 |
| 2016-07-22 | CVE-2016-4586 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari and Tvos WebKit in Apple Safari before 9.1.2 and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 6.8 |
| 2016-07-22 | CVE-2016-4584 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Safari and Tvos The WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 6.8 |
| 2016-07-22 | CVE-2016-4582 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4653. | 7.2 |
| 2016-07-22 | CVE-2016-1865 | NULL Pointer Dereference vulnerability in Apple products The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors. | 4.9 |
| 2016-07-22 | CVE-2016-1863 | Use After Free vulnerability in Apple products The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4582 and CVE-2016-4653. | 7.2 |
| 2016-06-09 | CVE-2016-4448 | Use of Externally-Controlled Format String vulnerability in multiple products Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. | 9.8 |
| 2016-06-09 | CVE-2016-4447 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName. | 7.5 |