Vulnerabilities > Apple > Tvos > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-20 | CVE-2017-2365 | Information Exposure vulnerability in multiple products An issue was discovered in certain Apple products. | 6.5 |
| 2017-02-20 | CVE-2017-2363 | Information Exposure vulnerability in multiple products An issue was discovered in certain Apple products. | 6.5 |
| 2017-02-20 | CVE-2017-2350 | Information Exposure vulnerability in multiple products An issue was discovered in certain Apple products. | 6.5 |
| 2017-02-20 | CVE-2016-7579 | Information Exposure vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 5.9 |
| 2017-02-20 | CVE-2016-4680 | Information Exposure vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 5.5 |
| 2017-02-20 | CVE-2016-4679 | Link Following vulnerability in Apple products An issue was discovered in certain Apple products. | 5.5 |
| 2016-09-25 | CVE-2016-4718 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory via a crafted font file. | 6.5 |
| 2016-09-25 | CVE-2016-4708 | Information Exposure vulnerability in Apple products CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses the Set-Cookie header, which allows remote attackers to obtain sensitive information via a crafted HTTP response. | 6.5 |
| 2016-07-22 | CVE-2016-1865 | NULL Pointer Dereference vulnerability in Apple products The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors. | 5.5 |
| 2016-05-20 | CVE-2016-1858 | Information Exposure vulnerability in multiple products WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly tracks taint attributes, which allows remote attackers to obtain sensitive information via a crafted web site. | 6.5 |