Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Tvos
(Apple)Repositories |
• https://github.com/madler/zlib
• https://github.com/file/file • https://github.com/WebKit/webkit |
#Vulnerabilities | 1624 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2023-02-27 | CVE-2022-32891 | The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16, watchOS 9, iOS 16. Visiting a website that frames malicious content may lead to UI spoofing. | Iphone_os, Safari, Tvos, Watchos | 6.1 | ||
2022-12-15 | CVE-2022-42865 | This issue was addressed by enabling hardened runtime. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to bypass Privacy preferences. | Ipados, Iphone_os, Macos, Tvos, Watchos | 5.5 | ||
2022-05-26 | CVE-2022-26702 | A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 8.6, tvOS 15.5, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | Ipados, Iphone_os, Tvos, Watchos | 7.8 | ||
2023-02-27 | CVE-2022-32824 | The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory. | Ipados, Iphone_os, Tvos, Watchos | 5.5 | ||
2023-02-27 | CVE-2022-32949 | This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, tvOS 16. An app may be able to execute arbitrary code with kernel privileges. | Ipados, Iphone_os, Tvos | 7.8 | ||
2023-02-27 | CVE-2022-32830 | An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information. | Ipados, Iphone_os, Tvos | 7.5 | ||
2019-12-11 | CVE-2019-14899 | A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel. | Ipados, Iphone_os, Mac_os_x, Macos, Tvos, Freebsd, Linux_kernel, Openbsd | 7.4 | ||
2010-06-30 | CVE-2010-2249 | Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. | Iphone_os, Itunes, Safari, Tvos, Ubuntu_linux, Debian_linux, Fedora, Libpng, Opensuse, Linux_enterprise_server, Player, Workstation | 6.5 | ||
2010-08-19 | CVE-2010-2806 | Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow. | Iphone_os, Mac_os_x, Tvos, Ubuntu_linux, Freetype | N/A | ||
2010-08-19 | CVE-2010-2808 | Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font. | Iphone_os, Mac_os_x, Tvos, Ubuntu_linux, Freetype | N/A |