Vulnerabilities > Apple > Tvos > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-09-18 | CVE-2014-4375 | Local Memory Corruption vulnerability in Apple Iphone OS, mac OS X and Tvos Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports. | 7.2 |
| 2014-09-18 | CVE-2014-4373 | NULL Pointer Dereference Denial of Service vulnerability in Apple Iphone OS, mac OS X and Tvos The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted application. | 7.8 |
| 2014-09-18 | CVE-2014-4369 | NULL Pointer Dereference Denial of Service vulnerability in Apple Iphone OS and Tvos The IOAcceleratorFamily API implementation in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via an application that uses crafted arguments. | 7.8 |
| 2014-03-14 | CVE-2014-1287 | Buffer Errors vulnerability in Apple Iphone OS and Tvos USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted USB messages. | 7.2 |
| 2014-03-14 | CVE-2014-1280 | Unspecified vulnerability in Apple Iphone OS and Tvos Video Driver in Apple iOS before 7.1 and Apple TV before 6.1 allows remote attackers to cause a denial of service (NULL pointer dereference and device hang) via a crafted video file with MPEG-4 encoding. network apple | 7.1 |
| 2014-03-14 | CVE-2014-1278 | Buffer Errors vulnerability in Apple Iphone OS and Tvos The ptmx_get_ioctl function in the ARM kernel in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access and device crash) via a crafted call. | 7.2 |
| 2014-03-14 | CVE-2014-1271 | Improper Input Validation vulnerability in Apple Iphone OS and Tvos CoreCapture in Apple iOS before 7.1 and Apple TV before 6.1 does not properly validate IOKit API calls, which allows attackers to cause a denial of service (assertion failure and device crash) via a crafted app. | 7.8 |
| 2014-02-22 | CVE-2014-1266 | Improper Certificate Validation vulnerability in Apple Iphone OS, mac OS X and Tvos The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step. | 7.4 |
| 2013-03-20 | CVE-2013-0981 | Unspecified vulnerability in Apple Iphone OS and Tvos The IOUSBDeviceFamily driver in the USB implementation in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 accesses pipe object pointers that originated in userspace, which allows local users to gain privileges via crafted code. | 7.2 |
| 2011-03-11 | CVE-2011-0162 | Improper Input Validation vulnerability in Apple TV, Iphone OS and Tvos Wi-Fi in Apple iOS before 4.3 and Apple TV before 4.2 does not properly perform bounds checking for Wi-Fi frames, which allows remote attackers to cause a denial of service (device reset) via unspecified traffic on the local wireless network. | 7.8 |