Vulnerabilities > Apple > Tvos > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-01-30 | CVE-2014-4485 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, mac OS X and Tvos Buffer overflow in the XML parser in Foundation in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document. | 7.5 |
| 2015-01-30 | CVE-2014-4484 | Data Processing Errors vulnerability in Apple Iphone OS, mac OS X and Tvos FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .dfont file. | 7.5 |
| 2014-12-10 | CVE-2014-4466 | Resource Management Errors vulnerability in Apple products WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | 7.5 |
| 2014-09-18 | CVE-2014-4379 | Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Tvos An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR protection mechanism via a crafted application. | 7.1 |
| 2014-09-18 | CVE-2014-4375 | Local Memory Corruption vulnerability in Apple Iphone OS, mac OS X and Tvos Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports. | 7.2 |
| 2014-09-18 | CVE-2014-4373 | NULL Pointer Dereference Denial of Service vulnerability in Apple Iphone OS, mac OS X and Tvos The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted application. | 7.8 |
| 2014-09-18 | CVE-2014-4369 | NULL Pointer Dereference Denial of Service vulnerability in Apple Iphone OS and Tvos The IOAcceleratorFamily API implementation in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via an application that uses crafted arguments. | 7.8 |
| 2014-03-14 | CVE-2014-1287 | Buffer Errors vulnerability in Apple Iphone OS and Tvos USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted USB messages. | 7.2 |
| 2014-03-14 | CVE-2014-1280 | Unspecified vulnerability in Apple Iphone OS and Tvos Video Driver in Apple iOS before 7.1 and Apple TV before 6.1 allows remote attackers to cause a denial of service (NULL pointer dereference and device hang) via a crafted video file with MPEG-4 encoding. network apple | 7.1 |
| 2014-03-14 | CVE-2014-1278 | Buffer Errors vulnerability in Apple Iphone OS and Tvos The ptmx_get_ioctl function in the ARM kernel in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access and device crash) via a crafted call. | 7.2 |