Vulnerabilities > Apple > Tvos > 5.0.2

DATE CVE VULNERABILITY TITLE RISK
2015-12-11 CVE-2015-7054 Data Processing Errors vulnerability in Apple products
zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows remote attackers to execute arbitrary code via a crafted web site.
network
apple CWE-19
6.8
2015-12-11 CVE-2015-7053 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image.
network
apple CWE-119
6.8
2015-12-11 CVE-2015-7051 Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS and Tvos
MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 mishandles the timing of trust-cache loading, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
network
apple CWE-264
critical
9.3
2015-12-11 CVE-2015-7048 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Safari and Tvos
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.
network
apple CWE-119
6.8
2015-12-11 CVE-2015-7047 Improper Input Validation vulnerability in Apple products
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
local
low complexity
apple CWE-20
7.2
2015-12-11 CVE-2015-7046 Information Exposure vulnerability in Apple products
The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with root privileges.
network
high complexity
apple CWE-200
2.6
2015-12-11 CVE-2015-7045 Code vulnerability in Apple mac OS X and Tvos
Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 improperly interacts with Keychain Agent, which allows attackers to spoof the Keychain Server via unspecified vectors.
network
low complexity
apple CWE-17
5.0
2015-12-11 CVE-2015-7043 Multiple Security vulnerability in Apple Mac OS X/watchOS/iOS/tvOS
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7042.
network
apple
4.3
2015-12-11 CVE-2015-7042 Multiple Security vulnerability in Apple Mac OS X/watchOS/iOS/tvOS
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7043.
network
apple
4.3
2015-12-11 CVE-2015-7041 Multiple Security vulnerability in Apple Mac OS X/watchOS/iOS/tvOS
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7042, and CVE-2015-7043.
network
apple
4.3