Watchos@* Security Vulnerabilities and Issues — Page 24 of Watchos@* CVE List

Lucene search

AppleWatchos*

1606 matches found

CVE•added 2020/10/22 7:15 p.m.•66 views

CVE-2020-9902

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to determine kernel memory layout.

7.1CVSS5.5AI score0.00328EPSS

CVE•added 2022/03/18 6:15 p.m.•66 views

CVE-2022-22585

An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application may be able to access a user's files.

7.5CVSS7AI score0.00572EPSS

CVE•added 2022/11/01 8:15 p.m.•66 views

CVE-2022-32898

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13, watchOS 9. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.9AI score0.03901EPSS

CVE•added 2022/11/01 8:15 p.m.•66 views

CVE-2022-42811

An access issue was addressed with additional sandbox restrictions. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to access user-sensitive data.

5.5CVSS5.8AI score0.00064EPSS

CVE•added 2023/09/27 3:19 p.m.•66 views

CVE-2023-40452

The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to overwrite arbitrary files.

7.1CVSS6.1AI score0.00021EPSS

CVE•added 2024/01/23 1:15 a.m.•66 views

CVE-2024-23207

This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3. An app may be able to access sensitive user data.

5.5CVSS5.3AI score0.00022EPSS

CVE•added 2024/06/10 9:15 p.m.•66 views

CVE-2024-27830

This issue was addressed through improved state management. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A maliciously crafted webpage may be able to fingerprint the user.

6.5CVSS5.8AI score0.00224EPSS

CVE•added 2016/06/26 1:59 a.m.•65 views

CVE-2015-7987

Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function.

9.8CVSS9.3AI score0.03085EPSS

CVE•added 2017/02/20 8:59 a.m.•65 views

CVE-2016-4688

An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute ar...

8.8CVSS7.6AI score0.01334EPSS

CVE•added 2016/09/25 10:59 a.m.•65 views

CVE-2016-4712

CoreCrypto in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.

9.3CVSS8.4AI score0.00263EPSS

CVE•added 2016/09/25 11:0 a.m.•65 views

CVE-2016-4772

The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to cause a denial of service (unintended lock) via unspecified vectors.

7.5CVSS7.2AI score0.03175EPSS

CVE•added 2016/09/25 11:0 a.m.•65 views

CVE-2016-4776

The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4774.

7.1CVSS6.8AI score0.00196EPSS

CVE•added 2017/04/02 1:59 a.m.•65 views

CVE-2017-2458

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Keyboards" component. A buffer overflow allows attackers to execute arbitrary code in a privileged ...

9.3CVSS7.9AI score0.00701EPSS

CVE•added 2017/04/02 1:59 a.m.•65 views

CVE-2017-2467

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of servi...

7.8CVSS8.6AI score0.00808EPSS

CVE•added 2017/07/20 4:29 p.m.•65 views

CVE-2017-7068

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial...

8.8CVSS8.5AI score0.01802EPSS

CVE•added 2017/10/23 1:29 a.m.•65 views

CVE-2017-7127

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. iCloud before 7.0 on Windows is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "SQLite" component. It allows attackers to execute arbitrary code ...

9.3CVSS8.1AI score0.00172EPSS

CVE•added 2019/04/03 6:29 p.m.•65 views

CVE-2018-4248

An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2.

7.5CVSS5.8AI score0.02821EPSS

CVE•added 2019/12/18 6:15 p.m.•65 views

CVE-2019-8510

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout.

5.5CVSS5.3AI score0.00068EPSS

CVE•added 2019/12/18 6:15 p.m.•65 views

CVE-2019-8620

A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A device may be passively tracked by its WiFi MAC address.

7.5CVSS7.1AI score0.00386EPSS

CVE•added 2020/10/27 8:15 p.m.•65 views

CVE-2019-8668

A denial of service issue was addressed with improved validation. This issue is fixed in iOS 12.4, tvOS 12.4, watchOS 5.3. Processing a maliciously crafted image may lead to a denial of service.

5.5CVSS5.5AI score0.00196EPSS

CVE•added 2021/04/02 6:15 p.m.•65 views

CVE-2020-27922

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, watchOS 7.1, tvOS 14.2. Processing a maliciously crafted font file may lead to a...

7.8CVSS7.7AI score0.00482EPSS

CVE•added 2020/10/22 6:15 p.m.•65 views

CVE-2020-9892

Multiple memory corruption issues were addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to execute arbitrary code with system privileges.

9.3CVSS8.3AI score0.00428EPSS

CVE•added 2020/10/16 5:15 p.m.•65 views

CVE-2020-9946

This issue was addressed with improved checks. This issue is fixed in iOS 14.0 and iPadOS 14.0, watchOS 7.0. The screen lock may not engage after the specified time period.

6.8CVSS6AI score0.00057EPSS

CVE•added 2021/09/08 3:15 p.m.•65 views

CVE-2021-1770

A buffer overflow may result in arbitrary code execution. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A logic issue was addressed with improved state management.

9.8CVSS8.7AI score0.02359EPSS

CVE•added 2021/09/08 3:15 p.m.•65 views

CVE-2021-1814

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.3, watchOS 7.4. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS8.2AI score0.00317EPSS

CVE•added 2022/11/01 8:15 p.m.•65 views

CVE-2022-42800

This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A user may be able to cause unexpected app termination or arbitrary code execution.

7.8CVSS8AI score0.00049EPSS

CVE•added 2023/06/23 6:15 p.m.•65 views

CVE-2023-32352

A logic issue was addressed with improved checks. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may bypass Gatekeeper checks.

5.5CVSS5.8AI score0.00008EPSS

CVE•added 2023/09/27 3:19 p.m.•65 views

CVE-2023-40399

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to disclose kernel memory.

5.5CVSS4.9AI score0.00022EPSS

CVE•added 2024/06/10 9:15 p.m.•65 views

CVE-2024-27815

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.2AI score0.17999EPSS

CVE•added 2024/12/12 2:15 a.m.•65 views

CVE-2024-54526

The issue was addressed with improved checks. This issue is fixed in watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. A malicious app may be able to access private information.

5.5CVSS5.6AI score0.00066EPSS

CVE•added 2016/01/12 7:59 p.m.•64 views

CVE-2015-8659

The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.

10CVSS7.2AI score0.02186EPSS

CVE•added 2016/07/22 2:59 a.m.•64 views

CVE-2016-4607

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors...

9.8CVSS9.2AI score

CVE•added 2016/09/25 11:0 a.m.•64 views

CVE-2016-4774

7.1CVSS6.8AI score0.00196EPSS

CVE•added 2021/12/23 8:15 p.m.•64 views

CVE-2017-13880

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 11.2, watchOS 4.2. An application may be able to execute arbitrary code with kernel privilege.

9.3CVSS7.4AI score0.00202EPSS

CVE•added 2017/04/02 1:59 a.m.•64 views

CVE-2017-2390

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves symlink mishandling in the "libarchive" component. It allows local users to change arbitrary directory p...

5.5CVSS5.5AI score0.00086EPSS

CVE•added 2017/10/23 1:29 a.m.•64 views

CVE-2017-7112

An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service (memory co...

10CVSS8.9AI score0.10946EPSS

CVE•added 2019/04/03 6:29 p.m.•64 views

CVE-2018-4343

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

9.3CVSS7.9AI score0.03814EPSS

CVE•added 2020/10/27 8:15 p.m.•64 views

CVE-2018-4433

A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, watchOS 5, iOS 12, tvOS 12, macOS Mojave 10.14. A malicious application may be able to modify protected parts of the ...

5.5CVSS5.7AI score0.00302EPSS

CVE•added 2019/12/18 6:15 p.m.•64 views

CVE-2019-8682

The issue was addressed with improved UI handling. This issue is fixed in iOS 12.4, watchOS 5.3. A user may inadvertently complete an in-app purchase while on the lock screen.

2.4CVSS4.5AI score0.00045EPSS

CVE•added 2021/12/23 8:15 p.m.•64 views

CVE-2019-8703

This issue was addressed with improved entitlements. This issue is fixed in watchOS 6, tvOS 13, macOS Catalina 10.15, iOS 13. An application may be able to gain elevated privileges.

9.8CVSS7.9AI score0.00868EPSS

CVE•added 2020/04/01 6:15 p.m.•64 views

CVE-2020-3917

This issue was addressed with a new entitlement. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to use an SSH client provided by private frameworks.

5.5CVSS5.7AI score0.00063EPSS

CVE•added 2020/10/22 6:15 p.m.•64 views

CVE-2020-3918

An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A local user may be able to view sensitive user information.

5.5CVSS5.3AI score0.00067EPSS

CVE•added 2020/10/22 7:15 p.m.•64 views

CVE-2020-9920

A path handling issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. A malicious mail server may overwrite arbitrary mail files.

9.1CVSS7.9AI score0.00698EPSS

CVE•added 2022/11/01 8:15 p.m.•64 views

CVE-2022-32932

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS8AI score0.00237EPSS

CVE•added 2023/06/23 6:15 p.m.•64 views

CVE-2023-32408

The issue was addressed with improved handling of caches. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to read sensitive location information.

5.5CVSS5.5AI score0.00023EPSS

CVE•added 2023/09/27 3:19 p.m.•64 views

CVE-2023-41071

A use-after-free issue was addressed with improved memory management. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Ventura 13.6. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7AI score0.00036EPSS

CVE•added 2024/06/10 9:15 p.m.•64 views

CVE-2024-27801

The issue was addressed with improved checks. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to elevate privileges.

8.4CVSS5.7AI score0.00055EPSS

CVE•added 2013/06/05 2:39 p.m.•63 views

CVE-2013-3951

sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users to bypass cookie randomization by executing a program with a call-path beginning with the stack-gua...

4.6CVSS5.7AI score0.00061EPSS

CVE•added 2015/10/23 9:59 p.m.•63 views

CVE-2015-5935

ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5936, CVE-2015-5937, and CVE-2015-5939.

6.8CVSS9.1AI score0.02828EPSS

CVE•added 2016/02/01 11:59 a.m.•63 views

CVE-2016-1726

WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1723 and CVE-2016-1725.

9.3CVSS7.7AI score0.01695EPSS

Total number of security vulnerabilities1606