Shodan
Vulnerabilities
Vulnerable Software
Apple:  >> Tvos  >> 1.1.0  Security Vulnerabilities
CVE-2016-4608
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612.
CVSS Score
9.8
EPSS Score
0.052
Published
2016-07-22
CVE-2016-4607
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4608, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612.
CVSS Score
9.8
EPSS Score
0.047
Published
2016-07-22
CVE-2016-4594
The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an API call.
CVSS Score
7.8
EPSS Score
0.002
Published
2016-07-22
CVE-2016-4592
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted web site.
CVSS Score
6.5
EPSS Score
0.016
Published
2016-07-22
CVE-2016-4591
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.027
Published
2016-07-22
CVE-2016-4589
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4622, CVE-2016-4623, and CVE-2016-4624.
CVSS Score
8.8
EPSS Score
0.008
Published
2016-07-22
CVE-2016-4588
WebKit in Apple tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVSS Score
8.8
EPSS Score
0.013
Published
2016-07-22
CVE-2016-4587
WebKit in Apple iOS before 9.3.3 and tvOS before 9.2.2 allows remote attackers to obtain sensitive information from uninitialized process memory via a crafted web site.
CVSS Score
6.5
EPSS Score
0.007
Published
2016-07-22
CVE-2016-4586
WebKit in Apple Safari before 9.1.2 and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVSS Score
8.8
EPSS Score
0.007
Published
2016-07-22
CVE-2016-4585
Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari.
CVSS Score
6.1
EPSS Score
0.01
Published
2016-07-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved