Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Tvos
Total 1693 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-4126 2 Apple, Microsoft 7 Icloud, Iphone Os, Itunes and 4 more 2024-11-21 9.3 HIGH 7.8 HIGH
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.
CVE-2018-4125 4 Apple, Canonical, Microsoft and 1 more 9 Icloud, Iphone Os, Itunes and 6 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2018-4124 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2024-11-21 9.0 HIGH 9.8 CRITICAL
An issue was discovered in certain Apple products. iOS before 11.2.6 is affected. macOS before 10.13.3 Supplemental Update is affected. tvOS before 11.2.6 is affected. watchOS before 4.2.3 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via a crafted string containing a certain Telugu character.
CVE-2018-4122 4 Apple, Canonical, Microsoft and 1 more 9 Icloud, Iphone Os, Itunes and 6 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2018-4121 2 Apple, Microsoft 7 Icloud, Iphone Os, Itunes and 4 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2018-4120 4 Apple, Canonical, Microsoft and 1 more 8 Icloud, Iphone Os, Itunes and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2018-4119 4 Apple, Canonical, Microsoft and 1 more 8 Icloud, Iphone Os, Itunes and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2018-4118 4 Apple, Canonical, Microsoft and 1 more 8 Icloud, Iphone Os, Itunes and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2018-4115 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves CFPreferences in the "System Preferences" component. It allows attackers to bypass intended access restrictions by leveraging incorrect configuration-profile persistence.
CVE-2018-4114 4 Apple, Canonical, Microsoft and 1 more 9 Icloud, Iphone Os, Itunes and 6 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2018-4113 4 Apple, Canonical, Microsoft and 1 more 9 Icloud, Iphone Os, Itunes and 6 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves a JavaScriptCore function in the "WebKit" component. It allows attackers to trigger an assertion failure by leveraging improper array indexing.
CVE-2018-4104 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
CVE-2018-4101 4 Apple, Canonical, Microsoft and 1 more 8 Icloud, Iphone Os, Itunes and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2018-20506 4 Apple, Microsoft, Opensuse and 1 more 9 Icloud, Iphone Os, Itunes and 6 more 2024-11-21 6.8 MEDIUM 8.1 HIGH
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346.
CVE-2017-7172 2 Apple, Microsoft 7 Icloud, Iphone Os, Itunes and 4 more 2024-11-21 9.3 HIGH 7.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "CFNetwork Session" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2017-7171 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2024-11-21 9.3 HIGH 7.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "CoreAnimation" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2017-7165 3 Apple, Canonical, Microsoft 8 Icloud, Iphone Os, Itunes and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7164 1 Apple 2 Iphone Os, Tvos 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
An issue was discovered in certain Apple products. iOS before 11.2 is affected. tvOS before 11.2 is affected. The issue involves the "App Store" component. It allows man-in-the-middle attackers to spoof password prompts.
CVE-2017-7162 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2024-11-21 9.3 HIGH 7.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2017-7160 3 Apple, Canonical, Microsoft 8 Icloud, Iphone Os, Itunes and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.