Shodan
Vulnerabilities
Vulnerable Software
Apple:  >> Tvos  >> 1.1.0  Security Vulnerabilities
CVE-2016-1720
IOKit in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVSS Score
7.8
EPSS Score
0.002
Published
2016-02-01
CVE-2016-1719
The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVSS Score
7.8
EPSS Score
0.003
Published
2016-02-01
CVE-2016-1717
The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVSS Score
7.8
EPSS Score
0.001
Published
2016-02-01
CVE-2015-8659
The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.
CVSS Score
10.0
EPSS Score
0.022
Published
2016-01-12
CVE-2015-7116
libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7115.
CVSS Score
4.3
EPSS Score
0.008
Published
2016-01-10
CVE-2015-7115
libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7116.
CVSS Score
4.3
EPSS Score
0.008
Published
2016-01-10
CVE-2015-8242
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
CVSS Score
5.8
EPSS Score
0.014
Published
2015-12-15
CVE-2015-7500
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
CVSS Score
5.0
EPSS Score
0.036
Published
2015-12-15
CVE-2015-7499
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.018
Published
2015-12-15
CVE-2015-5312
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
CVSS Score
7.1
EPSS Score
0.02
Published
2015-12-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved