Apple watchOS vulnerabilities
1,808 known vulnerabilities affecting apple/watchos.
Total CVEs
1,808
CISA KEV
46
actively exploited
Public exploits
118
Exploited in wild
35
Severity breakdown
CRITICAL129HIGH933MEDIUM682LOW64
Vulnerabilities
Page 10 of 91
CVE-2025-31183CRITICALCVSS 9.8fixed in 11.42025-03-31
CVE-2025-31183 [CRITICAL] CWE-200 CVE-2025-31183: The issue was addressed with improved restriction of data container access. This issue is fixed in i
The issue was addressed with improved restriction of data container access. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, tvOS 18.4, watchOS 11.4. An app may be able to access sensitive user data.
cvelistv5nvd
CVE-2025-24167CRITICALCVSS 9.8fixed in 11.42025-03-31
CVE-2025-24167 [CRITICAL] CVE-2025-24167: This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS
This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, watchOS 11.4. A download's origin may be incorrectly associated.
cvelistv5nvd
CVE-2025-30430CRITICALCVSS 9.8fixed in 11.42025-03-31
CVE-2025-30430 [CRITICAL] CWE-287 CVE-2025-30430: This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPad
This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. Password autofill may fill in passwords after failing authentication.
cvelistv5nvd
CVE-2025-24178CRITICALCVSS 9.8fixed in 11.42025-03-31
CVE-2025-24178 [CRITICAL] CVE-2025-24178: This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPad
This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, watchOS 11.4. An app may be able to break out of its sandbox.
cvelistv5nvd
CVE-2025-24238CRITICALCVSS 9.8fixed in 11.42025-03-31
CVE-2025-24238 [CRITICAL] CWE-276 CVE-2025-24238: A logic issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, m
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, watchOS 11.4. An app may be able to gain elevated privileges.
cvelistv5nvd
CVE-2025-24190CRITICALCVSS 9.8fixed in 11.42025-03-31
CVE-2025-24190 [CRITICAL] CWE-400 CVE-2025-24190: The issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.
cvelistv5nvd
CVE-2025-24257HIGHCVSS 7.1fixed in 11.42025-03-31
CVE-2025-24257 [HIGH] CWE-787 CVE-2025-24257: An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iO
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. An app may be able to cause unexpected system termination or write kernel memory.
cvelistv5nvd
CVE-2025-24243HIGHCVSS 7.8fixed in 11.42025-03-31
CVE-2025-24243 [HIGH] CWE-94 CVE-2025-24243: The issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing a maliciously crafted file may lead to arbitrary code execution.
cvelistv5nvd
CVE-2025-24180HIGHCVSS 8.1fixed in 11.42025-03-31
CVE-2025-24180 [HIGH] CWE-601 CVE-2025-24180: The issue was addressed with improved input validation. This issue is fixed in Safari 18.4, iOS 18.4
The issue was addressed with improved input validation. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. A malicious website may be able to claim WebAuthn credentials from another website that shares a registrable suffix.
cvelistv5nvd
CVE-2025-30471HIGHCVSS 7.5fixed in 11.42025-03-31
CVE-2025-30471 [HIGH] CWE-20 CVE-2025-30471: A validation issue was addressed with improved logic. This issue is fixed in iOS 18.4 and iPadOS 18.
A validation issue was addressed with improved logic. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. A remote user may be able to cause a denial-of-service.
cvelistv5nvd
CVE-2025-24213HIGHCVSS 7.8fixed in 11.52025-03-31
CVE-2025-24213 [HIGH] CWE-843 CVE-2025-24213: This issue was addressed with improved handling of floats. This issue is fixed in Safari 18.5, iOS 1
This issue was addressed with improved handling of floats. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. A type confusion issue could lead to memory corruption.
cvelistv5nvd
CVE-2025-24209HIGHCVSS 7.0fixed in 11.42025-03-31
CVE-2025-24209 [HIGH] CWE-120 CVE-2025-24209: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 1
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected process crash.
cvelistv5nvd
CVE-2025-24173HIGHCVSS 7.8fixed in 11.42025-03-31
CVE-2025-24173 [HIGH] CWE-284 CVE-2025-24173: This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPa
This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to break out of its sandbox.
cvelistv5nvd
CVE-2025-30432MEDIUMCVSS 6.4fixed in 11.42025-03-31
CVE-2025-30432 [MEDIUM] CWE-287 CVE-2025-30432: A logic issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPad
A logic issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. A malicious app may be able to attempt passcode entries on a locked device and thereby cause escalating time delays after 4 failures.
cvelistv5nvd
CVE-2025-24216MEDIUMCVSS 4.3fixed in 11.42025-03-31
CVE-2025-24216 [MEDIUM] CWE-119 CVE-2025-24216: The issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.
cvelistv5nvd
CVE-2025-24217MEDIUMCVSS 5.5fixed in 11.42025-03-31
CVE-2025-24217 [MEDIUM] CWE-200 CVE-2025-24217: This issue was addressed with improved redaction of sensitive information. This issue is fixed in iO
This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, tvOS 18.4, watchOS 11.4. An app may be able to access sensitive user data.
cvelistv5nvd
CVE-2025-31191MEDIUMCVSS 5.5fixed in 11.42025-03-31
CVE-2025-31191 [MEDIUM] CWE-200 CVE-2025-31191: This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPad
This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, watchOS 11.4. An app may be able to access sensitive user data.
cvelistv5nvd
CVE-2025-24097MEDIUMCVSS 5.0fixed in 11.42025-03-31
CVE-2025-24097 [MEDIUM] CWE-125 CVE-2025-24097: A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.4 and
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.7, macOS Sequoia 15.4, macOS Sonoma 14.7.5, tvOS 18.4, watchOS 11.4. An app may be able to read arbitrary file metadata.
cvelistv5nvd
CVE-2025-30429MEDIUMCVSS 6.3fixed in 11.42025-03-31
CVE-2025-30429 [MEDIUM] CVE-2025-30429: A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.4 and iP
A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to break out of its sandbox.
cvelistv5nvd
CVE-2025-30470MEDIUMCVSS 5.5fixed in 11.42025-03-31
CVE-2025-30470 [MEDIUM] CWE-22 CVE-2025-30470: A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.4 and iPadOS
A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, visionOS 2.4, watchOS 11.4. An app may be able to read sensitive location information.
cvelistv5nvd