Apple » Tvos : Security Vulnerabilities (CVSS score between 3 and 3.99)
# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2021-30866 |
|
|
|
2021-08-24 |
2021-11-23 |
3.3 |
None |
Local Network |
Low |
Not required |
Partial |
None |
None |
A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A device may be passively tracked by its WiFi MAC address. |
2 |
CVE-2019-8906 |
125 |
|
|
2019-02-18 |
2021-12-09 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Partial |
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. |
3 |
CVE-2018-4305 |
20 |
|
|
2019-04-03 |
2019-04-04 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
Partial |
None |
An input validation issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5. |
4 |
CVE-2017-7066 |
119 |
|
DoS Overflow Mem. Corr. |
2018-04-03 |
2019-03-08 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. tvOS before 10.2.2 is affected. The issue involves the "Wi-Fi" component. It allows attackers to cause a denial of service (memory corruption on the Wi-Fi chip) by leveraging proximity for 802.11. |
5 |
CVE-2014-4372 |
59 |
|
|
2014-09-18 |
2019-03-08 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV before 7 allows local users to change the permissions of arbitrary files via a symlink attack on an unspecified file. |
6 |
CVE-2013-0964 |
20 |
|
Bypass |
2013-01-29 |
2019-03-08 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page. |
Total number of vulnerabilities :
6
Page :
1
(This Page)