Vulnerabilities > Apple > Tvos > High

DATE CVE VULNERABILITY TITLE RISK
2016-05-20 CVE-2016-1856 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1855, and CVE-2016-1857.
network
low complexity
apple webkitgtk CWE-119
8.8
2016-05-20 CVE-2016-1855 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1856, and CVE-2016-1857.
network
low complexity
apple CWE-119
8.8
2016-05-20 CVE-2016-1854 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1855, CVE-2016-1856, and CVE-2016-1857.
network
low complexity
apple webkitgtk CWE-119
8.8
2016-05-20 CVE-2016-1847 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
OpenGL, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
network
low complexity
apple CWE-119
8.8
2016-05-20 CVE-2016-1841 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
network
low complexity
apple CWE-119
8.8
2016-05-20 CVE-2016-1840 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
7.8
2016-05-20 CVE-2016-1834 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
7.8
2016-05-20 CVE-2016-1832 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
libc in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
local
low complexity
apple CWE-119
7.8
2016-05-20 CVE-2016-1831 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
The kernel in Apple iOS before 9.3.2 and OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
local
low complexity
apple CWE-119
7.8
2016-05-20 CVE-2016-1830 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1827, CVE-2016-1828, and CVE-2016-1829.
local
low complexity
apple CWE-119
7.8