Apple: >> Watchos Security Vulnerabilities
CVE-2019-8506
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
Known exploited
CVSS Score
8.8
EPSS Score
0.077
Published
2019-12-18
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout.
CVSS Score
5.5
EPSS Score
0.007
Published
2019-12-18
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.
CVSS Score
5.3
EPSS Score
0.01
Published
2019-10-03
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
CVSS Score
7.6
EPSS Score
0.045
Published
2019-08-14
A denial of service issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
CVSS Score
6.5
EPSS Score
0.007
Published
2019-04-03
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-04-03
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
CVSS Score
8.8
EPSS Score
0.007
Published
2019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
CVSS Score
8.8
EPSS Score
0.554
Published
2019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
CVSS Score
8.8
EPSS Score
0.187
Published
2019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
CVSS Score
8.8
EPSS Score
0.187
Published
2019-04-03