Lucene search

K
AppleWatchos

1623 matches found

CVE
CVE
added 2019/04/03 6:29 p.m.306 views

CVE-2018-20506

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to ...

8.1CVSS8.4AI score0.17974EPSS
CVE
CVE
added 2023/07/27 1:15 a.m.299 views

CVE-2023-35993

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel priv...

7.8CVSS7.3AI score0.00039EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.296 views

CVE-2021-1825

An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site ...

6.1CVSS6.4AI score0.00178EPSS
CVE
CVE
added 2023/10/25 7:15 p.m.296 views

CVE-2023-42852

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.

8.8CVSS8.3AI score0.01987EPSS
CVE
CVE
added 2020/05/27 3:15 p.m.293 views

CVE-2020-13630

ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.

7CVSS7.5AI score0.00177EPSS
CVE
CVE
added 2021/04/02 7:15 p.m.293 views

CVE-2021-1799

A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access restricte...

6.5CVSS6.6AI score0.00207EPSS
CVE
CVE
added 2023/02/27 8:15 p.m.293 views

CVE-2022-32844

A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication.

6.3CVSS5.8AI score0.00015EPSS
CVE
CVE
added 2020/04/01 6:15 p.m.290 views

CVE-2020-3899

A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code executi...

9.3CVSS8.5AI score0.00452EPSS
CVE
CVE
added 2025/01/27 10:15 p.m.290 views

CVE-2025-24124

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination.

5.5CVSS5.7AI score0.00022EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.289 views

CVE-2021-1788

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead t...

8.8CVSS8.4AI score0.00833EPSS
CVE
CVE
added 2023/07/27 1:15 a.m.288 views

CVE-2023-32441

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.3AI score0.00039EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.286 views

CVE-2019-8820

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead t...

8.8CVSS8.6AI score0.04919EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.286 views

CVE-2020-3843

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4.7, watchOS 5.3.7. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.

9.3CVSS7.4AI score0.01654EPSS
CVE
CVE
added 2023/07/27 1:15 a.m.286 views

CVE-2023-32416

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to read sensitive location information.

5.5CVSS5AI score0.00033EPSS
CVE
CVE
added 2023/07/27 1:15 a.m.286 views

CVE-2023-38565

A path handling issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to gain root privileges.

7.8CVSS6.7AI score0.00029EPSS
CVE
CVE
added 2023/09/27 3:19 p.m.286 views

CVE-2023-41074

The issue was addressed with improved checks. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.0123EPSS
CVE
CVE
added 2016/07/23 7:59 p.m.285 views

CVE-2016-5131

Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.

8.8CVSS7.8AI score0.04288EPSS
CVE
CVE
added 2020/10/16 5:15 p.m.285 views

CVE-2020-9983

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to code execution.

8.8CVSS7.8AI score0.00712EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.284 views

CVE-2020-9805

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross si...

7.1CVSS7AI score0.00249EPSS
CVE
CVE
added 2022/11/23 6:15 p.m.283 views

CVE-2022-40304

An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.

7.8CVSS6.9AI score0.00095EPSS
CVE
CVE
added 2021/10/19 2:15 p.m.281 views

CVE-2021-30849

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.

7.8CVSS8.5AI score0.00321EPSS
CVE
CVE
added 2023/07/27 12:15 a.m.281 views

CVE-2023-32433

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel priv...

7.8CVSS7.3AI score0.00039EPSS
CVE
CVE
added 2023/07/27 1:15 a.m.281 views

CVE-2023-38593

A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to cause a denial-of-service.

5.5CVSS5.1AI score0.00021EPSS
CVE
CVE
added 2017/04/02 1:59 a.m.279 views

CVE-2017-2471

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. watchOS before 3.2 is affected. The issue involves the "WebKit" component. A use-after-free vulnerability allows remote attackers to execute arbitrary code via a crafted web site.

8.8CVSS7.4AI score0.23334EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.279 views

CVE-2018-20505

SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases).

7.5CVSS8.2AI score0.07886EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.279 views

CVE-2020-9803

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrar...

8.8CVSS9.2AI score0.00309EPSS
CVE
CVE
added 2020/10/16 5:15 p.m.277 views

CVE-2020-9951

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.2AI score0.01145EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.275 views

CVE-2020-9850

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution.

9.8CVSS8.8AI score0.83809EPSS
CVE
CVE
added 2021/04/02 7:15 p.m.275 views

CVE-2021-1801

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy.

6.5CVSS6.8AI score0.00254EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.273 views

CVE-2019-8646

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to leak memory.

7.5CVSS6.8AI score0.07545EPSS
CVE
CVE
added 2023/07/27 12:15 a.m.272 views

CVE-2023-32381

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.3AI score0.00069EPSS
CVE
CVE
added 2020/04/14 11:15 p.m.268 views

CVE-2020-11763

An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.

5.5CVSS5.5AI score0.00363EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.268 views

CVE-2020-9806

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to ar...

8.8CVSS9.1AI score0.00309EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.267 views

CVE-2019-8844

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead...

9.3CVSS8.6AI score0.00658EPSS
CVE
CVE
added 2023/10/25 7:15 p.m.266 views

CVE-2023-41254

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to access sensitive user data.

5.5CVSS5AI score0.00027EPSS
CVE
CVE
added 2023/09/12 12:15 a.m.266 views

CVE-2023-41990

The issue was addressed with improved handling of caches. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, macOS Monterey 12.6.8, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Ventura 13.2, watchOS 9.3. Processing a font file may lead to arbitrary code execution. Apple is awa...

7.8CVSS7.9AI score0.04103EPSS
CVE
CVE
added 2020/10/16 5:15 p.m.261 views

CVE-2020-9895

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected applicati...

9.8CVSS9.1AI score0.00439EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.259 views

CVE-2019-8816

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead t...

9.3CVSS8.6AI score0.00493EPSS
CVE
CVE
added 2020/10/16 5:15 p.m.259 views

CVE-2020-9894

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application...

4.3CVSS6.7AI score0.00204EPSS
CVE
CVE
added 2023/10/25 7:15 p.m.259 views

CVE-2023-40447

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.

8.8CVSS8.2AI score0.00295EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.258 views

CVE-2019-8812

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.00225EPSS
CVE
CVE
added 2023/10/25 7:15 p.m.258 views

CVE-2023-42849

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An attacker that has already achieved kernel code execution may be able to bypass kerne...

6.5CVSS6.1AI score0.00241EPSS
CVE
CVE
added 2015/04/24 5:59 p.m.257 views

CVE-2015-3414

SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrate...

7.5CVSS8.2AI score0.07077EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.257 views

CVE-2019-8811

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead t...

8.8CVSS8.6AI score0.00321EPSS
CVE
CVE
added 2020/04/14 11:15 p.m.257 views

CVE-2020-11764

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp.

5.5CVSS5.6AI score0.00493EPSS
CVE
CVE
added 2020/10/16 5:15 p.m.257 views

CVE-2020-9925

A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cros...

6.1CVSS6.4AI score0.00396EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.256 views

CVE-2019-8764

A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting.

6.1CVSS6.1AI score0.00147EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.256 views

CVE-2019-8766

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.9AI score0.0052EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.256 views

CVE-2020-9843

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a ...

7.1CVSS6.9AI score0.00206EPSS
CVE
CVE
added 2023/10/25 7:15 p.m.256 views

CVE-2023-41982

This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data.

4.6CVSS4.7AI score0.00087EPSS
Total number of security vulnerabilities1623