Apple watchOS vulnerabilities

1,895 known vulnerabilities affecting apple/watchos.

Total CVEs

1,895

CISA KEV

actively exploited

Public exploits

123

Exploited in wild

Severity breakdown

CRITICAL140HIGH970MEDIUM715LOW68UNKNOWN2

Vulnerabilities

Page 77 of 95

CVE-2018-4085HIGHCVSS 8.8fixed in 4.2.22018-04-03

CVE-2018-4085 [HIGH] CWE-119 CVE-2018-4085: An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13 An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "QuartzCore" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) vi

nvdapple

CVE-2018-4167HIGHCVSS 7.0fixed in 4.32018-04-03

CVE-2018-4167 [HIGH] CWE-362 CVE-2018-4167: An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "File System Events" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

nvdapple

CVE-2018-4122HIGHCVSS 8.8fixed in 4.32018-04-03

CVE-2018-4122 [HIGH] CWE-119 CVE-2018-4122: An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 i An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary cod

nvdapple

CVE-2018-4129HIGHCVSS 8.8fixed in 4.32018-04-03

CVE-2018-4129 [HIGH] CWE-119 CVE-2018-4129: An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 i An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary cod

nvdapple

CVE-2017-13904HIGHCVSS 7.8fixed in 4.22018-04-03

CVE-2017-13904 [HIGH] CWE-119 CVE-2017-13904: An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted a

nvdapple

CVE-2018-4163HIGHCVSS 8.8fixed in 4.32018-04-03

CVE-2018-4163 [HIGH] CWE-119 CVE-2018-4163: An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 i An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary cod

nvdapple

CVE-2018-4095HIGHCVSS 7.8fixed in 4.2.22018-04-03

CVE-2018-4095 [HIGH] CWE-119 CVE-2018-4095: An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Core Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

nvdapple

CVE-2018-4144HIGHCVSS 7.8fixed in 4.32018-04-03

CVE-2018-4144 [HIGH] CWE-119 CVE-2018-4144: An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Security" component. A buffer overflow allows attackers to execute a

nvdapple

CVE-2018-4087HIGHCVSS 7.8PoCfixed in 4.2.22018-04-03

CVE-2018-4087 [HIGH] CWE-119 CVE-2018-4087: An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Core Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

nvdapple

CVE-2018-4158HIGHCVSS 7.0fixed in 4.32018-04-03

CVE-2018-4158 [HIGH] CWE-362 CVE-2018-4158: An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. watchOS before 4.3 is affected. The issue involves the "CoreFoundation" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

nvdapple

CVE-2018-4150HIGHCVSS 7.8fixed in 4.32018-04-03

CVE-2018-4150 [HIGH] CWE-119 CVE-2018-4150: An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app

nvdapple

CVE-2017-13854HIGHCVSS 7.8fixed in 4.02018-04-03

CVE-2017-13854 [HIGH] CWE-119 CVE-2017-13854: An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

nvd

CVE-2018-4117MEDIUMCVSS 6.5fixed in 4.32018-04-03

CVE-2018-4117 [MEDIUM] CWE-200 CVE-2018-4117: An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 i An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. watchOS before 4.3 is affected. The issue involves the fetch API in the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy an

nvdapple

CVE-2018-4092MEDIUMCVSS 4.7fixed in 4.2.22018-04-03

CVE-2018-4092 [MEDIUM] CWE-362 CVE-2018-4092: An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13 An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to bypass intended memory-read restrictions via a crafted app.

nvdapple

CVE-2018-4090MEDIUMCVSS 5.5PoCfixed in 4.2.22018-04-03

CVE-2018-4090 [MEDIUM] CWE-200 CVE-2018-4090: An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13 An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

nvdapple

CVE-2018-4113MEDIUMCVSS 6.5fixed in 4.32018-04-03

CVE-2018-4113 [MEDIUM] CWE-617 CVE-2018-4113: An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 i An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves a JavaScriptCore function in the "WebKit" component. It allows attackers

nvdapple

CVE-2018-4086MEDIUMCVSS 5.9fixed in 4.2.22018-04-03

CVE-2018-4086 [MEDIUM] CWE-295 CVE-2018-4086: An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13 An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Security" component. It allows remote attackers to spoof certificate validation via crafted name constraints.

nvdapple

CVE-2018-4104MEDIUMCVSS 5.5fixed in 4.32018-04-03

CVE-2018-4104 [MEDIUM] CWE-200 CVE-2018-4104: An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

nvdapple

CVE-2017-13873MEDIUMCVSS 4.3fixed in 4.02018-04-03

CVE-2017-13873 [MEDIUM] CWE-200 CVE-2017-13873: An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to obtain sensitive network-activity information about arbitrary apps via a crafted app.

nvd

CVE-2018-4093MEDIUMCVSS 5.5fixed in 4.2.22018-04-03

CVE-2018-4093 [MEDIUM] CWE-200 CVE-2018-4093: An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13 An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

nvdapple

← Previous77 / 95Next →