watchos vulnerabilities and exploits

6.8
CVSSv2
CVE-2019-9810

Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1....

MozillaFirefoxFirefox EsrThunderbird
7.5
CVSSv2
CVE-2017-16931

parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name....

NA
CVE-2019-8704

tvOS 13...

NA
CVE-2019-8654

Safari 13.0.1...

NA
CVE-2019-8725

Apple Safari could allow a remote attacker to obtain sensitive information, caused by the improper handling of service worker lifetime. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to leak private browsing history....

4.8
CVSSv2
CVE-2019-9506

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt...

AppleIphone OsMac Os XTvosWatchosGoogleAndroid
NA
CVE-2019-8692

Apple macOS could allow a local attacker to obtain sensitive information, caused by a validation issue in the Graphics Drivers component. By using a specially-crafted application, an attacker could exploit this vulnerability to read restricted memory....

NA
CVE-2019-8670

Apple Safari could allow a remote attacker to conduct spoofing attacks, caused by an inconsistent user interface issue. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to spoof the address bar....

NA
CVE-2019-8691

Apple macOS could allow a local attacker to obtain sensitive information, caused by a validation issue in the Graphics Drivers component. By using a specially-crafted application, an attacker could exploit this vulnerability to read restricted memory....

NA
CVE-2019-8663

Apple iOS could allow a remote attacker to obtain sensitive information, caused by an error in the Found in Apps component. An attacker could exploit this vulnerability to leak memory....