Vulnerabilities > Apple > Tvos > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-05-20 | CVE-2016-1807 | Race Condition vulnerability in Apple products Race condition in the Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to obtain sensitive information from kernel memory via unspecified vectors. | 1.9 |
| 2015-12-11 | CVE-2015-7046 | Information Exposure vulnerability in Apple products The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with root privileges. | 2.6 |
| 2015-11-18 | CVE-2015-8035 | Resource Management Errors vulnerability in multiple products The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data. | 2.6 |
| 2015-04-10 | CVE-2015-1094 | Information Exposure vulnerability in Apple Iphone OS and Tvos IOAcceleratorFamily in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. | 1.9 |
| 2015-04-10 | CVE-2015-1096 | Information Exposure vulnerability in Apple Iphone OS, mac OS X and Tvos IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. | 1.9 |
| 2015-04-10 | CVE-2015-1097 | Information Exposure vulnerability in Apple Iphone OS and Tvos IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. | 1.9 |
| 2015-04-10 | CVE-2015-1114 | Information Exposure vulnerability in Apple Iphone OS and Tvos The Sandbox Profiles component in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to discover hardware identifiers via a crafted app. | 1.9 |
| 2014-11-18 | CVE-2014-4455 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS and Tvos dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file. | 2.1 |
| 2014-09-18 | CVE-2014-4357 | Information Exposure vulnerability in Apple Iphone OS and Tvos Accounts Framework in Apple iOS before 8 and Apple TV before 7 allows attackers to obtain sensitive information by reading log data that was not intended to be present in a log. | 2.1 |
| 2014-09-18 | CVE-2014-4364 | Cryptographic Issues vulnerability in Apple Iphone OS and Tvos The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash. | 2.9 |