Apple » Watchos : Security Vulnerabilities (CVSS score between 7 and 7.99)

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : CVE Number Descending CVE Number Ascending CVSS Score Descending Number Of Exploits Descending

#	CVE ID	CWE ID	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2022-26711	190	Exec Code Overflow	2022-05-26	2022-06-07	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
An integer overflow issue was addressed with improved input validation. This issue is fixed in tvOS 15.5, iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
2	CVE-2022-22632			2022-03-18	2022-03-24	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
A logic issue was addressed with improved state management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, watchOS 8.5, macOS Monterey 12.3. A malicious application may be able to elevate privileges.
3	CVE-2022-22596	787	Exec Code Mem. Corr.	2022-03-18	2022-03-28	7.2	None	Local	Low	Not required	Complete	Complete	Complete
A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4. An application may be able to execute arbitrary code with kernel privileges.
4	CVE-2021-30955	362	Exec Code	2021-08-24	2021-12-29	7.6	None	Remote	High	Not required	Complete	Complete	Complete
A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges.
5	CVE-2021-30924		DoS	2021-08-24	2023-01-09	7.8	None	Remote	Low	Not required	None	None	Complete
A denial of service issue was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1. A remote attacker can cause a device to unexpectedly restart.
6	CVE-2021-30857	362	Exec Code	2021-08-24	2023-01-09	7.6	None	Remote	High	Not required	Complete	Complete	Complete
A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel privileges.
7	CVE-2021-30798		Bypass	2021-09-08	2022-07-12	7.8	None	Remote	Low	Not required	Complete	None	None
A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6. A malicious application may be able to bypass certain Privacy preferences.
8	CVE-2021-30704		Exec Code	2021-09-08	2021-09-17	7.2	None	Local	Low	Not required	Complete	Complete	Complete
A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. An application may be able to execute arbitrary code with kernel privileges.
9	CVE-2021-30703	415	Exec Code	2021-09-08	2021-09-17	7.2	None	Local	Low	Not required	Complete	Complete	Complete
A double free issue was addressed with improved memory management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, macOS Big Sur 11.4, watchOS 7.5. An application may be able to execute arbitrary code with kernel privileges.
10	CVE-2021-30660	125		2021-09-08	2021-09-20	7.8	None	Remote	Low	Not required	Complete	None	None
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A malicious application may be able to disclose kernel memory.
11	CVE-2021-30652	362	+Priv	2021-09-08	2021-09-20	7.6	None	Remote	High	Not required	Complete	Complete	Complete
A race condition was addressed with additional validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to gain root privileges.
12	CVE-2021-1882	787	+Priv Mem. Corr.	2021-09-08	2021-09-20	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to gain elevated privileges.
13	CVE-2021-1864	416	Exec Code	2021-09-08	2021-09-16	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. An attacker with JavaScript execution may be able to execute arbitrary code.
14	CVE-2021-1860	665		2021-09-08	2021-09-17	7.1	None	Remote	Medium	Not required	Complete	None	None
A memory initialization issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to disclose kernel memory.
15	CVE-2021-1821		DoS	2021-10-28	2021-11-02	7.1	None	Remote	Medium	Not required	None	None	Complete
A logic issue was addressed with improved state management. This issue is fixed in watchOS 7.6, macOS Big Sur 11.5. Visiting a maliciously crafted webpage may lead to a system denial of service.
16	CVE-2021-1818		Exec Code	2021-04-02	2021-04-08	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
17	CVE-2021-1791	125		2021-04-02	2021-04-09	7.1	None	Remote	Medium	Not required	Complete	None	None
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious application may be able to disclose kernel memory.
18	CVE-2021-1770	119	Exec Code Overflow	2021-09-08	2021-09-16	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
A buffer overflow may result in arbitrary code execution. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A logic issue was addressed with improved state management.
19	CVE-2020-27950	665		2020-12-08	2021-02-11	7.1	None	Remote	Medium	Not required	Complete	None	None
A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to disclose kernel memory.
20	CVE-2020-9902	125		2020-10-22	2023-01-09	7.1	None	Remote	Medium	Not required	Complete	None	None
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to determine kernel memory layout.
21	CVE-2020-9895	416	Exec Code	2020-10-16	2023-01-09	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
22	CVE-2020-9859	415	Exec Code	2020-06-05	2023-01-09	7.2	None	Local	Low	Not required	Complete	Complete	Complete
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges.
23	CVE-2020-9850		Exec Code	2020-06-09	2023-01-09	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution.
24	CVE-2020-9812			2020-06-09	2023-01-09	7.1	None	Remote	Medium	Not required	Complete	None	None
An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A local user may be able to read kernel memory.
25	CVE-2020-9809			2020-06-09	2023-01-09	7.1	None	Remote	Medium	Not required	Complete	None	None
An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to determine kernel memory layout.
26	CVE-2020-3911	120	Overflow	2020-04-01	2020-04-02	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.
27	CVE-2020-3910	120	Overflow	2020-04-01	2020-04-02	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.
28	CVE-2020-3909	120	Overflow	2020-04-01	2022-06-02	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.
29	CVE-2020-3860	119	Exec Code Overflow Mem. Corr.	2020-02-27	2021-07-21	7.2	None	Local	Low	Not required	Complete	Complete	Complete
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.
30	CVE-2020-3857	119	Exec Code Overflow Mem. Corr.	2020-02-27	2021-07-21	7.2	None	Local	Low	Not required	Complete	Complete	Complete
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges.
31	CVE-2019-20044	273	Exec Code +Priv	2020-02-24	2023-01-09	7.2	None	Local	Low	Not required	Complete	Complete	Complete
In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload with a module that calls setuid().
32	CVE-2019-8756	20	Mem. Corr.	2020-10-27	2021-07-21	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. Multiple issues in libxml2.
33	CVE-2019-8750	119	Overflow Mem. Corr.	2019-12-18	2021-07-21	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Multiple issues in libxslt.
34	CVE-2019-8749	20	Mem. Corr.	2020-10-27	2021-07-21	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. Multiple issues in libxml2.
35	CVE-2019-8746	125	Exec Code	2020-10-27	2020-10-29	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
36	CVE-2019-8741	835	DoS	2020-02-28	2020-04-01	7.8	None	Remote	Low	Not required	None	None	Complete
A denial of service issue was addressed with improved input validation.
37	CVE-2019-8703		+Priv	2021-12-23	2022-01-04	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
This issue was addressed with improved entitlements. This issue is fixed in watchOS 6, tvOS 13, macOS Catalina 10.15, iOS 13. An application may be able to gain elevated privileges.
38	CVE-2019-8662	416		2019-12-18	2020-08-24	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary.
39	CVE-2019-8660	787	Exec Code Mem. Corr.	2019-12-18	2020-08-24	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
40	CVE-2019-8648	787	Exec Code Mem. Corr.	2019-12-18	2020-08-24	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause arbitrary code execution.
41	CVE-2019-8647	416	Exec Code	2019-12-18	2019-12-19	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.4, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause arbitrary code execution.
42	CVE-2019-8641	125		2019-12-18	2020-02-28	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
An out-of-bounds read was addressed with improved input validation.
43	CVE-2019-8613	416	Exec Code	2019-12-18	2019-12-19	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause arbitrary code execution.
44	CVE-2019-8600	89	Exec Code Sql Mem. Corr.	2019-12-18	2020-08-24	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A maliciously crafted SQL query may lead to arbitrary code execution.
45	CVE-2019-8573	20	DoS	2020-10-27	2020-10-30	7.8	None	Remote	Low	Not required	None	None	Complete
An input validation issue was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause a system denial of service.
46	CVE-2019-8547	125		2020-10-27	2020-10-29	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. A remote attacker may be able to leak memory.
47	CVE-2019-8540	665		2019-12-18	2019-12-30	7.1	None	Remote	Medium	Not required	Complete	None	None
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout.
48	CVE-2019-8531	20		2020-10-27	2021-07-21	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
A validation issue existed in Trust Anchor Management. This issue was addressed with improved validation. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An untrusted radius server certificate may be trusted.
49	CVE-2019-8528	416	Exec Code	2020-10-27	2020-10-29	7.2	None	Local	Low	Not required	Complete	Complete	Complete
A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges.
50	CVE-2019-8525		Exec Code Mem. Corr.	2020-10-27	2021-07-21	7.2	None	Local	Low	Not required	Complete	Complete	Complete
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges.

Total number of vulnerabilities : 118 Page : 1 (This Page)2 3