Product:

Watchos

(Apple)
Date Id Summary Products Score Patch Annotated
2021-07-20 CVE-2021-36976 libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block). Ipados, Iphone_os, Macos, Watchos, Fedora, Libarchive, Universal_forwarder 6.5
2021-08-24 CVE-2021-36690 A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library. Iphone_os, Macos, Tvos, Watchos, Zfs_storage_appliance_kit, Sqlite 7.5
2024-03-05 CVE-2024-23225 A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited. Ipad_os, Iphone_os, Macos, Tvos, Visionos, Watchos 7.8
2024-03-05 CVE-2024-23296 A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited. Ipad_os, Iphone_os, Macos, Tvos, Visionos, Watchos 7.8
2024-01-23 CVE-2024-23204 The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. A shortcut may be able to use sensitive data with certain actions without prompting the user. Ipados, Iphone_os, Macos, Watchos 7.5
2024-01-23 CVE-2024-23217 A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. An app may be able to bypass certain Privacy preferences. Ipados, Iphone_os, Macos, Watchos 3.3
2024-01-23 CVE-2024-23218 A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An attacker may be able to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private key. Ipados, Iphone_os, Macos, Tvos, Watchos 5.9
2024-01-09 CVE-2022-48618 The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited against versions of iOS released before iOS 15.7.1. Ipados, Iphone_os, Macos, Tvos, Watchos 7.0
2024-01-23 CVE-2024-23206 An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A maliciously crafted webpage may be able to fingerprint the user. Ipados, Iphone_os, Macos, Safari, Tvos, Watchos 6.5
2024-01-23 CVE-2024-23211 A privacy issue was addressed with improved handling of user preferences. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A user's private browsing activity may be visible in Settings. Ipados, Iphone_os, Macos, Safari, Watchos 3.3