Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Watchos
Total 1105 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-23308 5 Apple, Debian, Fedoraproject and 2 more 36 Ipados, Iphone Os, Macos and 33 more 2022-07-25 4.3 MEDIUM 7.5 HIGH
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
CVE-2020-9952 2 Apple, Webkit 7 Icloud, Ipad Os, Iphone Os and 4 more 2022-07-23 5.8 MEDIUM 7.1 HIGH
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21. Processing maliciously crafted web content may lead to a cross site scripting attack.
CVE-2020-9951 3 Apple, Debian, Webkit 9 Icloud, Ipados, Iphone Os and 6 more 2022-07-23 6.8 MEDIUM 8.8 HIGH
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2022-26768 1 Apple 3 Macos, Tvos, Watchos 2022-07-22 9.3 HIGH 7.8 HIGH
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.
CVE-2021-1807 1 Apple 3 Ipados, Iphone Os, Watchos 2022-07-12 4.9 MEDIUM 5.5 MEDIUM
A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4. A local user may be able to write arbitrary files.
CVE-2021-30945 1 Apple 6 Ipados, Iphone Os, Mac Os X and 3 more 2022-07-12 4.6 MEDIUM 7.8 HIGH
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A local attacker may be able to elevate their privileges.
CVE-2020-9859 1 Apple 5 Ipad Os, Iphone Os, Mac Os X and 2 more 2022-07-12 7.2 HIGH 7.8 HIGH
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges.
CVE-2021-30776 1 Apple 5 Iphone Os, Mac Os X, Macos and 2 more 2022-07-12 4.3 MEDIUM 5.5 MEDIUM
A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Playing a malicious audio file may lead to an unexpected application termination.
CVE-2021-30798 1 Apple 3 Iphone Os, Macos, Watchos 2022-07-12 7.8 HIGH 7.5 HIGH
A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6. A malicious application may be able to bypass certain Privacy preferences.
CVE-2020-3917 1 Apple 4 Ipados, Iphone Os, Tvos and 1 more 2022-07-12 2.1 LOW 5.5 MEDIUM
This issue was addressed with a new entitlement. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to use an SSH client provided by private frameworks.
CVE-2021-1820 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2022-07-12 4.3 MEDIUM 6.5 MEDIUM
A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory.
CVE-2021-1822 1 Apple 4 Ipados, Iphone Os, Tvos and 1 more 2022-07-12 2.1 LOW 5.5 MEDIUM
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A local user may be able to modify protected parts of the file system.
CVE-2013-0340 3 Apple, Libexpat Project, Python 7 Ipad Os, Iphone Os, Macos and 4 more 2022-07-05 6.8 MEDIUM N/A
expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.
CVE-2016-9843 9 Apple, Canonical, Debian and 6 more 23 Iphone Os, Mac Os X, Tvos and 20 more 2022-06-27 7.5 HIGH 9.8 CRITICAL
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVE-2016-9842 7 Apple, Canonical, Debian and 4 more 18 Iphone Os, Mac Os X, Tvos and 15 more 2022-06-22 6.8 MEDIUM 8.8 HIGH
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
CVE-2016-9841 8 Apple, Canonical, Debian and 5 more 38 Iphone Os, Mac Os X, Tvos and 35 more 2022-06-22 7.5 HIGH 9.8 CRITICAL
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2016-9840 7 Apple, Canonical, Debian and 4 more 18 Iphone Os, Mac Os X, Tvos and 15 more 2022-06-22 6.8 MEDIUM 8.8 HIGH
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2022-26757 1 Apple 6 Ipados, Iphone Os, Mac Os X and 3 more 2022-06-20 9.3 HIGH 7.8 HIGH
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.
CVE-2022-26702 1 Apple 4 Ipados, Iphone Os, Tvos and 1 more 2022-06-08 9.3 HIGH 7.8 HIGH
A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 8.6, tvOS 15.5, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges.
CVE-2022-22675 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2022-06-08 9.3 HIGH 7.8 HIGH
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.3.1, iOS 15.4.1 and iPadOS 15.4.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..