Apple

watchOS

1646 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2016-4753

  • EPSS 0.37%
  • Published 25.09.2016 10:59:50
  • Last modified 12.04.2025 10:46:40

Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 mishandle signed disk images, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

9.3

CVE-2016-4738

  • EPSS 7.63%
  • Published 25.09.2016 10:59:41
  • Last modified 12.04.2025 10:46:40

libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

9.3

CVE-2016-4737

  • EPSS 1.84%
  • Published 25.09.2016 10:59:40
  • Last modified 12.04.2025 10:46:40

WebKit in Apple iOS before 10, Safari before 10, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

9.3

CVE-2016-4726

  • EPSS 0.26%
  • Published 25.09.2016 10:59:30
  • Last modified 12.04.2025 10:46:40

IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

8.1

CVE-2016-4725

  • EPSS 1.31%
  • Published 25.09.2016 10:59:29
  • Last modified 12.04.2025 10:46:40

IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted web site.

6.5

CVE-2016-4718

  • EPSS 2.32%
  • Published 25.09.2016 10:59:25
  • Last modified 12.04.2025 10:46:40

Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory via a crafted font file.

9.3

CVE-2016-4712

  • EPSS 0.26%
  • Published 25.09.2016 10:59:19
  • Last modified 12.04.2025 10:46:40

CoreCrypto in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.

6.5

CVE-2016-4708

  • EPSS 4.17%
  • Published 25.09.2016 10:59:15
  • Last modified 12.04.2025 10:46:40

CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses the Set-Cookie header, which allows remote attackers to obtain sensitive information via a crafted HTTP response.

10

CVE-2016-4702

  • EPSS 14.12%
  • Published 25.09.2016 10:59:11
  • Last modified 12.04.2025 10:46:40

Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10

CVE-2016-4658

  • EPSS 19.34%
  • Published 25.09.2016 10:59:02
  • Last modified 12.04.2025 10:46:40

xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary co...