CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple » Watchos : Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-8906 125 2019-02-18 2019-04-16
6.8
None Remote Medium Not required Partial Partial Partial
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
2 CVE-2018-20506 190 Exec Code Overflow 2019-04-03 2019-05-10
6.8
None Remote Medium Not required Partial Partial Partial
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346.
3 CVE-2018-4464 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
4 CVE-2018-4443 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
5 CVE-2018-4442 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
6 CVE-2018-4441 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
7 CVE-2018-4438 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
8 CVE-2018-4437 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
9 CVE-2018-4435 20 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
A logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
10 CVE-2018-4416 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
11 CVE-2018-4414 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.
12 CVE-2018-4412 119 Overflow Mem. Corr. 2019-04-03 2019-04-08
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.
13 CVE-2018-4407 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.5
None Remote Low Single system Partial Partial Partial
A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
14 CVE-2018-4394 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1.
15 CVE-2018-4392 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
16 CVE-2018-4386 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
17 CVE-2018-4384 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, watchOS 5.1.
18 CVE-2018-4382 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
19 CVE-2018-4378 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
20 CVE-2018-4376 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
21 CVE-2018-4375 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
22 CVE-2018-4373 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
23 CVE-2018-4372 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
24 CVE-2018-4371 125 2019-04-03 2019-04-08
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
25 CVE-2018-4361 399 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
A memory consumption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
26 CVE-2018-4359 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
27 CVE-2018-4358 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
28 CVE-2018-4354 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
29 CVE-2018-4347 416 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.
30 CVE-2018-4341 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
31 CVE-2018-4303 20 2019-04-03 2019-04-04
6.8
None Remote Medium Not required Partial Partial Partial
An input validation issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14, iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
32 CVE-2018-4299 119 Overflow Mem. Corr. 2019-04-03 2019-04-04
6.8
None Remote Medium Not required Partial Partial Partial
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
33 CVE-2018-4284 704 2019-04-03 2019-04-04
6.8
None Remote Medium Not required Partial Partial Partial
A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
34 CVE-2018-4280 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2.
35 CVE-2018-4272 119 Overflow Mem. Corr. 2019-04-03 2019-04-04
6.8
None Remote Medium Not required Partial Partial Partial
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
36 CVE-2018-4269 119 Overflow Mem. Corr. 2019-04-03 2019-04-04
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
37 CVE-2018-4264 119 Overflow Mem. Corr. 2019-04-03 2019-04-04
6.8
None Remote Medium Not required Partial Partial Partial
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
38 CVE-2018-4262 119 Overflow Mem. Corr. 2019-01-11 2019-01-16
6.8
None Remote Medium Not required Partial Partial Partial
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling.
39 CVE-2018-4246 704 Exec Code 2018-06-08 2018-08-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages type confusion.
40 CVE-2018-4237 264 +Priv 2018-06-08 2018-12-01
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "libxpc" component. It allows attackers to gain privileges via a crafted app that leverages a logic error.
41 CVE-2018-4233 119 DoS Exec Code Overflow Mem. Corr. 2018-06-08 2018-12-15
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
42 CVE-2018-4222 125 Exec Code 2018-06-08 2018-10-21
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a getWasmBufferFromValue out-of-bounds read during WebAssembly compilation.
43 CVE-2018-4218 119 DoS Exec Code Overflow Mem. Corr. 2018-06-08 2018-10-21
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers an @generatorState use-after-free.
44 CVE-2018-4214 119 DoS Overflow Mem. Corr. 2018-06-08 2018-10-21
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to cause a denial of service (memory corruption and Safari crash) or possibly have unspecified other impact via a crafted web site.
45 CVE-2018-4213 20 2019-01-11 2019-01-16
6.8
None Remote Medium Not required Partial Partial Partial
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
46 CVE-2018-4212 2019-01-11 2019-01-16
6.8
None Remote Medium Not required Partial Partial Partial
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
47 CVE-2018-4211 119 DoS Exec Code Overflow Mem. Corr. 2018-06-08 2018-07-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file.
48 CVE-2018-4210 129 2019-01-11 2019-01-16
6.8
None Remote Medium Not required Partial Partial Partial
In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks.
49 CVE-2018-4206 119 DoS Exec Code Overflow Mem. Corr. 2018-06-08 2018-07-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Crash Reporter" component. It allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app that replaces a privileged port name.
50 CVE-2018-4201 119 DoS Exec Code Overflow Mem. Corr. 2018-06-08 2018-10-21
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
Total number of vulnerabilities : 137   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.