watchos vulnerabilities and exploits

7.8
CVSSv2
CVE-2019-9506

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt...

NA
CVE-2019-8670

Apple Safari could allow a remote attacker to conduct spoofing attacks, caused by an inconsistent user interface issue. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to spoof the address bar....

NA
CVE-2019-8692

Apple macOS could allow a local attacker to obtain sensitive information, caused by a validation issue in the Graphics Drivers component. By using a specially-crafted application, an attacker could exploit this vulnerability to read restricted memory....

NA
CVE-2019-8691

Apple macOS could allow a local attacker to obtain sensitive information, caused by a validation issue in the Graphics Drivers component. By using a specially-crafted application, an attacker could exploit this vulnerability to read restricted memory....

NA
CVE-2019-8663

Apple iOS could allow a remote attacker to obtain sensitive information, caused by an error in the Found in Apps component. An attacker could exploit this vulnerability to leak memory....

6
CVSSv2
CVE-2018-16860

A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and...

NA
CVE-2019-8657

Apple tvOS could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in the UIFoundation component. By persuading a victim to open a specially crafted document, an attacker could exploit this vulnerability to execute arbitrary code on...

NA
CVE-2019-8660

Apple watchOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption flaw in the Core Data component. By persuading a victim to open a specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code...

NA
CVE-2019-8647

Apple watchOS could allow a remote attacker to execute arbitrary code on the system, caused by an use-after-free flaw in the Core Data component. By persuading a victim to open a specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on...

NA
CVE-2019-8662

Apple watchOS and tvOS could allow a remote attacker to execute arbitrary code on the system, caused by an use-after-free flaw in the Quick Look component. By persuading a victim to open a specially-crafted content, an attacker could exploit this vulnerability to execute...