Vulnerabilities > Apple > Tvos > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-07-22 | CVE-2016-4637 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted BMP image. | 8.8 |
| 2016-07-22 | CVE-2016-4632 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | 7.5 |
| 2016-07-22 | CVE-2016-4631 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF file. | 8.8 |
| 2016-07-22 | CVE-2016-4627 | NULL Pointer Dereference vulnerability in Apple Iphone OS IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. | 7.8 |
| 2016-07-22 | CVE-2016-4626 | NULL Pointer Dereference vulnerability in Apple products IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. | 7.8 |
| 2016-07-22 | CVE-2016-4624 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4622, and CVE-2016-4623. | 8.8 |
| 2016-07-22 | CVE-2016-4623 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4622, and CVE-2016-4624. | 8.8 |
| 2016-07-22 | CVE-2016-4622 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4623, and CVE-2016-4624. | 8.8 |
| 2016-07-22 | CVE-2016-4594 | Improper Input Validation vulnerability in Apple products The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an API call. | 7.8 |
| 2016-07-22 | CVE-2016-4586 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari WebKit in Apple Safari before 9.1.2 and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 8.8 |