Watchos Security Vulnerabilities and Issues — Page 2 of Watchos CVE List

Lucene search

AppleWatchos

92 matches found

CVE•added 2016/05/20 10:59 a.m.•57 views

CVE-2016-1819

Use-after-free vulnerability in the IOAccelContext2::clientMemoryForType method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a craft...

9.3CVSS7.6AI score0.07645EPSS

CVE•added 2016/07/22 2:59 a.m.•57 views

CVE-2016-1865

The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.

5.5CVSS5.7AI score0.00107EPSS

CVE•added 2016/09/25 10:59 a.m.•57 views

CVE-2016-4718

Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory via a crafted font file.

6.5CVSS6.5AI score0.0232EPSS

CVE•added 2016/02/01 11:59 a.m.•56 views

CVE-2016-1719

The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

7.8CVSS7AI score0.00296EPSS

CVE•added 2016/02/01 11:59 a.m.•56 views

CVE-2016-1724

WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1727.

8.8CVSS7.7AI score0.01014EPSS

CVE•added 2016/07/22 2:59 a.m.•56 views

CVE-2016-4616

libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors...

9.8CVSS9.1AI score

CVE•added 2016/02/01 11:59 a.m.•54 views

CVE-2016-1725

WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1723 and CVE-2016-1726.

9.3CVSS7.7AI score0.01632EPSS

CVE•added 2016/05/20 10:59 a.m.•54 views

CVE-2016-1830

The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1827, CVE-2016-1828, ...

8.5CVSS7.5AI score0.09639EPSS

CVE•added 2016/05/20 10:59 a.m.•53 views

CVE-2016-1829

9.3CVSS7.5AI score0.09639EPSS

CVE•added 2016/07/22 2:59 a.m.•53 views

CVE-2016-4582

The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4653.

7.8CVSS7.6AI score0.00268EPSS

CVE•added 2016/02/01 11:59 a.m.•52 views

CVE-2016-1717

The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

7.8CVSS7AI score0.00062EPSS

CVE•added 2016/05/20 10:59 a.m.•52 views

CVE-2016-1808

The Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS7.6AI score0.006EPSS

CVE•added 2016/07/22 2:59 a.m.•52 views

CVE-2016-4637

CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted BMP image.

8.8CVSS8.9AI score0.02898EPSS

CVE•added 2016/02/01 11:59 a.m.•51 views

CVE-2016-1722

syslog in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

7.8CVSS7AI score0.00062EPSS

CVE•added 2016/03/24 1:59 a.m.•51 views

CVE-2016-1748

IOHIDFamily in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.

4.3CVSS4.5AI score0.00257EPSS

CVE•added 2016/07/22 2:59 a.m.•50 views

CVE-2016-4614

9.8CVSS9.1AI score

CVE•added 2016/03/24 1:59 a.m.•49 views

CVE-2016-1761

libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.

10CVSS7.5AI score0.1098EPSS

CVE•added 2016/05/20 10:59 a.m.•49 views

CVE-2016-1817

IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1818 and CVE...

9.3CVSS7.6AI score0.07645EPSS

CVE•added 2016/09/18 10:59 p.m.•49 views

CVE-2016-4719

The GeoServices component in Apple iOS before 10 and watchOS before 3 does not properly restrict access to PlaceData information, which allows attackers to discover physical locations via a crafted application.

5.5CVSS5.8AI score0.00233EPSS

CVE•added 2016/02/01 11:59 a.m.•48 views

CVE-2016-1720

IOKit in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

7.8CVSS7.1AI score0.00182EPSS

CVE•added 2016/03/24 1:59 a.m.•48 views

CVE-2016-1788

Messages in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 does not properly implement a cryptographic protection mechanism, which allows remote attackers to read message attachments via vectors related to duplicate messages.

5.9CVSS5.9AI score0.00588EPSS

CVE•added 2016/05/20 10:59 a.m.•48 views

CVE-2016-1807

Race condition in the Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to obtain sensitive information from kernel memory via unspecified vectors.

5.1CVSS4.8AI score0.00118EPSS

CVE•added 2016/07/22 2:59 a.m.•48 views

CVE-2016-4632

ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

7.5CVSS7.4AI score0.03107EPSS

CVE•added 2016/05/20 10:59 a.m.•47 views

CVE-2016-1803

CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

7.8CVSS7.6AI score0.02593EPSS

CVE•added 2016/05/20 10:59 a.m.•47 views

CVE-2016-1818

9.3CVSS7.6AI score0.07645EPSS

CVE•added 2016/05/20 11:0 a.m.•47 views

CVE-2016-1847

OpenGL, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

8.8CVSS8.3AI score0.00856EPSS

CVE•added 2016/05/20 10:59 a.m.•46 views

CVE-2016-1813

The IOAccelSharedUserClient2::page_off_resource method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

9.3CVSS7.7AI score0.03591EPSS

CVE•added 2016/05/20 10:59 a.m.•46 views

CVE-2016-1824

IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1823.

9.3CVSS7.6AI score0.05778EPSS

CVE•added 2016/03/24 1:59 a.m.•45 views

CVE-2016-1751

The kernel in Apple iOS before 9.3, tvOS before 9.2, and watchOS before 2.2 does not properly restrict the execute permission, which allows attackers to bypass a code-signing protection mechanism via a crafted app.

7.8CVSS7.3AI score0.00233EPSS

CVE•added 2016/03/24 1:59 a.m.•45 views

CVE-2016-1775

TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.

9.3CVSS7.4AI score0.00736EPSS

CVE•added 2016/07/22 2:59 a.m.•45 views

CVE-2016-4626

IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.

7.8CVSS7.6AI score0.00101EPSS

CVE•added 2016/02/01 11:59 a.m.•44 views

CVE-2016-1721

The kernel in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

7.8CVSS6.9AI score0.00182EPSS

CVE•added 2016/05/20 10:59 a.m.•44 views

CVE-2016-1802

CCCrypt in CommonCrypto in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 mishandles return values during key-length calculations, which allows attackers to obtain sensitive information via a crafted app.

5.5CVSS5AI score0.00262EPSS

CVE•added 2016/05/20 10:59 a.m.•44 views

CVE-2016-1842

MapKit in Apple iOS before 9.3.2, OS X before 10.11.5, and watchOS before 2.2.1 does not use HTTPS for shared links, which allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic.

7.5CVSS6.6AI score0.01282EPSS

CVE•added 2016/03/24 1:59 a.m.•43 views

CVE-2016-1750

Use-after-free vulnerability in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context via a crafted app.

9.3CVSS6.8AI score0.00378EPSS

CVE•added 2016/05/20 10:59 a.m.•42 views

CVE-2016-1832

libc in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

7.8CVSS7AI score0.00099EPSS

CVE•added 2016/07/22 2:59 a.m.•42 views

CVE-2016-4594

The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an API call.

7.8CVSS7.3AI score0.00209EPSS

CVE•added 2016/07/22 2:59 a.m.•42 views

CVE-2016-4628

IOAcceleratorFamily in Apple iOS before 9.3.3 and watchOS before 2.2.2 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via unspecified vectors.

5.5CVSS5.7AI score0.00094EPSS

CVE•added 2016/05/20 10:59 a.m.•41 views

CVE-2016-1811

ImageIO in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image.

6.5CVSS6AI score0.01746EPSS

CVE•added 2016/05/20 10:59 a.m.•40 views

CVE-2016-1823

The IOHIDDevice::handleReportWithTime function in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read and memory corruption) via a crafted IOHIDRe...

9.3CVSS7.6AI score0.05778EPSS

CVE•added 2016/05/20 10:59 a.m.•40 views

CVE-2016-1831

The kernel in Apple iOS before 9.3.2 and OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS7.5AI score0.00402EPSS

CVE•added 2016/07/22 2:59 a.m.•39 views

CVE-2016-4627

IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.

7.8CVSS7.6AI score0.00106EPSS

Total number of security vulnerabilities92