Vulnerabilities > Apple > Tvos > High

DATE CVE VULNERABILITY TITLE RISK
2016-09-25 CVE-2016-4777 NULL Pointer Dereference vulnerability in Apple products
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (invalid pointer dereference) via a crafted app.
local
low complexity
apple CWE-476
7.8
2016-09-25 CVE-2016-4776 Out-of-bounds Read vulnerability in Apple products
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4774.
local
low complexity
apple CWE-125
7.1
2016-09-25 CVE-2016-4775 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Tvos and Watchos
The kernel in Apple OS X before 10.12, tvOS before 10, and watchOS before 3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
local
low complexity
apple CWE-119
7.8
2016-09-25 CVE-2016-4774 Out-of-bounds Read vulnerability in Apple products
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4776.
local
low complexity
apple CWE-125
7.1
2016-09-25 CVE-2016-4773 Out-of-bounds Read vulnerability in Apple products
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4774 and CVE-2016-4776.
local
low complexity
apple CWE-125
7.1
2016-09-25 CVE-2016-4772 Resource Management Errors vulnerability in Apple products
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to cause a denial of service (unintended lock) via unspecified vectors.
network
low complexity
apple CWE-399
7.5
2016-09-25 CVE-2016-4768 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4767.
network
low complexity
apple CWE-119
8.8
2016-09-25 CVE-2016-4767 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4768.
network
low complexity
apple CWE-119
8.8
2016-09-25 CVE-2016-4766 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4767, and CVE-2016-4768.
network
low complexity
apple CWE-119
8.8
2016-09-25 CVE-2016-4765 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4766, CVE-2016-4767, and CVE-2016-4768.
network
low complexity
apple CWE-119
8.8