Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
AppleWatchos*

1606 matches found

CVE
CVEadded 2018/04/03 6:29 a.m.129 views

CVE-2018-4087

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Core Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (...

9.3CVSS8.2AI score0.19947EPSS
CVE
CVEadded 2022/05/11 3:15 p.m.129 views

CVE-2022-1622

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.

5.5CVSS5.6AI score0.00114EPSS
CVE
CVEadded 2022/03/18 6:15 p.m.129 views

CVE-2022-22596

A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4. An application may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.8AI score0.00039EPSS
CVE
CVEadded 2022/09/20 9:15 p.m.129 views

CVE-2022-32788

A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. A remote user may be able to cause kernel code execution.

9.8CVSS8.4AI score0.00726EPSS
CVE
CVEadded 2022/11/01 8:15 p.m.129 views

CVE-2022-42825

This issue was addressed by removing additional entitlements. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to modify protected parts of the file system.

5.5CVSS6AI score0.00019EPSS
CVE
CVEadded 2024/05/14 3:13 p.m.129 views

CVE-2024-27834

The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

8.1CVSS5.4AI score0.00007EPSS
CVE
CVEadded 2022/11/01 8:15 p.m.128 views

CVE-2022-42803

A race condition was addressed with improved locking. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1. An app may be able to execute arbitrary code with kernel privileges.

7CVSS7.4AI score0.00098EPSS
CVE
CVEadded 2023/02/27 8:15 p.m.128 views

CVE-2023-23503

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to bypass Privacy preferences.

5.5CVSS4.3AI score0.00012EPSS
CVE
CVEadded 2015/11/18 4:59 p.m.127 views

CVE-2015-7942

The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than...

6.8CVSS6.6AI score0.01228EPSS
CVE
CVEadded 2024/12/12 2:15 a.m.127 views

CVE-2024-54534

The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption.

9.8CVSS5.8AI score0.00368EPSS
CVE
CVEadded 2017/02/20 8:59 a.m.126 views

CVE-2017-2363

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sen...

6.5CVSS5.7AI score0.21274EPSS
CVE
CVEadded 2018/04/03 6:29 a.m.126 views

CVE-2018-4117

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. watchOS before 4.3 is affected. The issue involves the fetch API in the "WebKit" component. It allow...

6.5CVSS6.2AI score0.01004EPSS
CVE
CVEadded 2018/04/03 6:29 a.m.126 views

CVE-2018-4121

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compon...

8.8CVSS8.6AI score0.39723EPSS
CVE
CVEadded 2020/06/09 5:15 p.m.126 views

CVE-2020-9800

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitr...

8.8CVSS8.8AI score0.00765EPSS
CVE
CVEadded 2015/12/15 9:59 p.m.125 views

CVE-2015-7500

The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.

5CVSS6.5AI score0.03603EPSS
CVE
CVEadded 2017/02/20 8:59 a.m.125 views

CVE-2016-4669

An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows local users to execute arbitrary code in a privileged context or cau...

7.8CVSS7.6AI score0.33691EPSS
Web
CVE
CVEadded 2019/12/18 6:15 p.m.125 views

CVE-2019-8662

This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary.

9.8CVSS7.2AI score0.14427EPSS
CVE
CVEadded 2023/02/27 8:15 p.m.125 views

CVE-2023-23500

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to leak sensitive kernel state.

5.5CVSS4.1AI score0.00041EPSS
CVE
CVEadded 2025/03/21 12:15 a.m.125 views

CVE-2024-54551

The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.6, tvOS 17.6, Safari 17.6, macOS Sonoma 14.6, visionOS 1.3, iOS 17.6 and iPadOS 17.6. Processing web content may lead to a denial-of-service.

7.5CVSS5.8AI score0.00229EPSS
CVE
CVEadded 2016/05/20 10:59 a.m.124 views

CVE-2016-1834

Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML do...

9.3CVSS8.6AI score0.03922EPSS
CVE
CVEadded 2022/11/01 8:15 p.m.124 views

CVE-2022-32947

The issue was addressed with improved memory handling. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.8AI score0.0027EPSS
CVE
CVEadded 2024/03/08 2:15 a.m.124 views

CVE-2024-23226

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. Processing web content may lead to arbitrary code execution.

8.8CVSS7.5AI score0.00709EPSS
CVE
CVEadded 2022/05/26 8:15 p.m.123 views

CVE-2022-26766

A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious app may be able to bypass signature validation.

5.5CVSS5.7AI score0.03033EPSS
CVE
CVEadded 2023/12/12 1:15 a.m.123 views

CVE-2023-42890

The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arbitrary code execution.

8.8CVSS8.4AI score0.00634EPSS
CVE
CVEadded 2021/09/08 2:15 p.m.122 views

CVE-2021-30737

A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, iOS 12.5.4, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted...

8.8CVSS8.4AI score0.00851EPSS
CVE
CVEadded 2022/11/01 8:15 p.m.122 views

CVE-2022-32923

A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app.

6.5CVSS6.3AI score0.00194EPSS
CVE
CVEadded 2024/03/08 2:15 a.m.122 views

CVE-2024-23263

A logic issue was addressed with improved validation. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web content may prevent Content Security Policy from being enfor...

8.1CVSS5.4AI score0.00395EPSS
CVE
CVEadded 2022/12/15 7:15 p.m.121 views

CVE-2022-42864

A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.

7CVSS7.4AI score0.05392EPSS
Web
CVE
CVEadded 2023/09/27 3:19 p.m.121 views

CVE-2023-40403

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may disclose sensitive information.

6.5CVSS5.8AI score0.00137EPSS
CVE
CVEadded 2018/06/08 6:29 p.m.120 views

CVE-2018-4192

An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" co...

7.5CVSS8AI score0.60874EPSS
CVE
CVEadded 2021/04/02 7:15 p.m.120 views

CVE-2021-1797

The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local user may be able to read arbitrary files.

5.5CVSS5.7AI score0.00104EPSS
CVE
CVEadded 2023/02/27 8:15 p.m.120 views

CVE-2022-32824

The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory.

5.5CVSS4.2AI score0.00048EPSS
CVE
CVEadded 2024/03/08 2:15 a.m.120 views

CVE-2024-23280

An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. A maliciously crafted webpage may be able to fingerprint the user.

7.5CVSS5AI score0.0053EPSS
CVE
CVEadded 2020/10/16 5:15 p.m.119 views

CVE-2020-9976

A logic issue was addressed with improved state management. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0. A malicious application may be able to leak sensitive user information.

5.5CVSS5AI score0.00288EPSS
CVE
CVEadded 2022/03/18 6:15 p.m.119 views

CVE-2022-22614

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.9AI score0.00313EPSS
CVE
CVEadded 2022/05/26 7:15 p.m.119 views

CVE-2022-26714

A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS8.1AI score0.0048EPSS
CVE
CVEadded 2024/01/23 1:15 a.m.119 views

CVE-2024-23213

The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution.

8.8CVSS8.3AI score0.00394EPSS
CVE
CVEadded 2018/06/08 6:29 p.m.118 views

CVE-2018-4222

An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" co...

8.8CVSS8AI score0.68543EPSS
CVE
CVEadded 2016/05/20 10:59 a.m.117 views

CVE-2016-1840

Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a cr...

7.8CVSS8.6AI score0.02142EPSS
CVE
CVEadded 2017/07/20 4:29 p.m.117 views

CVE-2017-7027

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or c...

9.3CVSS8.1AI score0.00183EPSS
CVE
CVEadded 2016/05/20 10:59 a.m.116 views

CVE-2016-1837

Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause a denial of service via a cr...

5.5CVSS6.6AI score0.01788EPSS
CVE
CVEadded 2022/09/23 7:15 p.m.116 views

CVE-2022-22610

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to code execution.

8.8CVSS8.5AI score0.00385EPSS
CVE
CVEadded 2022/08/24 8:15 p.m.116 views

CVE-2022-32839

The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A remote user may cause an unexpected app termination or arbitrary code execution.

9.8CVSS8.8AI score0.01712EPSS
CVE
CVEadded 2025/01/27 10:15 p.m.116 views

CVE-2024-54543

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to memory corruption.

8.8CVSS5.9AI score0.00173EPSS
CVE
CVEadded 2020/02/27 9:15 p.m.115 views

CVE-2020-3842

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.7AI score0.00414EPSS
CVE
CVEadded 2022/11/01 8:15 p.m.115 views

CVE-2022-32888

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.4AI score0.00443EPSS
CVE
CVEadded 2025/03/10 7:15 p.m.115 views

CVE-2024-44192

The issue was addressed with improved checks. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to an unexpected process crash.

6.5CVSS5.8AI score0.00097EPSS
CVE
CVEadded 2016/05/20 10:59 a.m.114 views

CVE-2016-1833

The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.

5.5CVSS6.3AI score0.01214EPSS
CVE
CVEadded 2015/05/25 10:59 p.m.113 views

CVE-2014-8146

The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (he...

7.5CVSS9.5AI score0.40134EPSS
CVE
CVEadded 2021/09/08 2:15 p.m.113 views

CVE-2021-30740

A logic issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.4AI score0.01025EPSS
Total number of security vulnerabilities1606