Vulnerabilities > Apple > Tvos > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-02 | CVE-2017-2390 | Link Following vulnerability in Apple products An issue was discovered in certain Apple products. | 2.1 |
| 2016-07-22 | CVE-2016-4583 | Race Condition vulnerability in multiple products WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing attack involving an SVG document. | 2.6 |
| 2016-05-20 | CVE-2016-1807 | Race Condition vulnerability in Apple products Race condition in the Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to obtain sensitive information from kernel memory via unspecified vectors. | 1.9 |
| 2015-12-11 | CVE-2015-7046 | Information Exposure vulnerability in Apple products The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with root privileges. | 2.6 |
| 2015-11-18 | CVE-2015-8035 | Resource Management Errors vulnerability in multiple products The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data. | 2.6 |
| 2015-04-10 | CVE-2015-1094 | Information Exposure vulnerability in Apple Iphone OS and Tvos IOAcceleratorFamily in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. | 1.9 |
| 2015-04-10 | CVE-2015-1096 | Information Exposure vulnerability in Apple Iphone OS, mac OS X and Tvos IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. | 1.9 |
| 2015-04-10 | CVE-2015-1097 | Information Exposure vulnerability in Apple Iphone OS and Tvos IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. | 1.9 |
| 2015-04-10 | CVE-2015-1114 | Information Exposure vulnerability in Apple Iphone OS and Tvos The Sandbox Profiles component in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to discover hardware identifiers via a crafted app. | 1.9 |
| 2014-11-18 | CVE-2014-4455 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS and Tvos dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file. | 2.1 |