Apple Watchos

This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor	Apple	First view	2013-06-05
Product	Watchos	Last view	2025-06-16
Version		Type
Update
Edition
Language
Sofware Edition
Target Software
Target Hardware
Other

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name	Affected CVE
cpe:2.3:o:apple:watchos:1.0:::::::*	1600
cpe:2.3:o:apple:watchos:1.0.1:::::::*	1571
cpe:2.3:o:apple:watchos::::::::	1570
cpe:2.3:o:apple:watchos:1.01:::::::*	1563
cpe:2.3:o:apple:watchos:2.0:::::::*	1562
cpe:2.3:o:apple:watchos:2.0.0:::::::*	1534
cpe:2.3:o:apple:watchos:2.0.1:::::::*	1521
cpe:2.3:o:apple:watchos:2.1:::::::*	1518
cpe:2.3:o:apple:watchos:2.2:::::::*	1485
cpe:2.3:o:apple:watchos:2.2.1:::::::*	1457
cpe:2.3:o:apple:watchos:3.1.3:::::::*	1379
cpe:2.3:o:apple:watchos:6.1.1:::::::*	964
cpe:2.3:o:apple:watchos:7.0:::::::*	797
cpe:2.3:o:apple:watchos:9.5:::::::*	311
cpe:2.3:o:apple:watchos:11.4:::::::*	22

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.

Date	Alert	Description
2025-06-16	CVE-2025-43200	This issue was addressed with improved checks. This issue is fixed in watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iPadOS 17.7.5, visionOS 2.3.1, macOS Sequoia 15.3.1, iOS 18.3.1 and iPadOS 18.3.1, macOS Sonoma 14.7.4. A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
2025-05-19	CVE-2025-31262	A permissions issue was addressed with additional restrictions. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to modify protected parts of the file system.
2025-05-19	CVE-2025-24189	The issue was addressed with improved checks. This issue is fixed in Safari 18.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to memory corruption.
2025-05-19	CVE-2025-24184	The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to cause unexpected system termination.
2025-05-12	CVE-2025-31257	This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
2025-05-12	CVE-2025-31251	The issue was addressed with improved input sanitization. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
2025-05-12	CVE-2025-31241	A double free issue was addressed with improved memory management. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A remote attacker may cause an unexpected app termination.
2025-05-12	CVE-2025-31239	A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Parsing a file may lead to an unexpected app termination.
2025-05-12	CVE-2025-31238	The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.
2025-05-12	CVE-2025-31233	The issue was addressed with improved input sanitization. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.
2025-05-12	CVE-2025-31226	A logic issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5. Processing a maliciously crafted image may lead to a denial-of-service.
2025-05-12	CVE-2025-31223	The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.
2025-05-12	CVE-2025-31222	A correctness issue was addressed with improved checks. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A user may be able to elevate privileges.
2025-05-12	CVE-2025-31221	An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A remote attacker may be able to leak memory.
2025-05-12	CVE-2025-31219	The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. An attacker may be able to cause unexpected system termination or corrupt kernel memory.
2025-05-12	CVE-2025-31217	The issue was addressed with improved input validation. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
2025-05-12	CVE-2025-31215	The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected process crash.
2025-05-12	CVE-2025-31212	This issue was addressed through improved state management. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5. An app may be able to access sensitive user data.
2025-05-12	CVE-2025-31209	An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Parsing a file may lead to disclosure of user information.
2025-05-12	CVE-2025-31208	The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Parsing a file may lead to an unexpected app termination.
2025-05-12	CVE-2025-31206	A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
2025-05-12	CVE-2025-31205	The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. A malicious website may exfiltrate data cross-origin.
2025-05-12	CVE-2025-31204	The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.
2025-05-12	CVE-2025-24223	The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.
2025-05-12	CVE-2025-24144	An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.6, visionOS 2.3, iPadOS 17.7.7, watchOS 11.3, macOS Ventura 13.7.6, iOS 18.3 and iPadOS 18.3, tvOS 18.3. An app may be able to leak sensitive kernel state.

CWE : Common Weakness Enumeration

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.

%	id	Name
25% (273)	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
21% (229)	CWE-787	Out-of-bounds Write
11% (129)	CWE-125	Out-of-bounds Read
7% (83)	CWE-416	Use After Free
6% (70)	CWE-20	Improper Input Validation
4% (46)	CWE-200	Information Exposure
3% (34)	CWE-362	Race Condition
2% (30)	CWE-120	Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
2% (23)	CWE-190	Integer Overflow or Wraparound
1% (18)	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (12)	CWE-59	Improper Link Resolution Before File Access ('Link Following')
1% (11)	CWE-665	Improper Initialization
1% (11)	CWE-476	NULL Pointer Dereference
0% (10)	CWE-22	Improper Limitation of a Pathname to a Restricted Directory ('Path ...
0% (9)	CWE-276	Incorrect Default Permissions
0% (8)	CWE-295	Certificate Issues
0% (7)	CWE-264	Permissions, Privileges, and Access Controls
0% (6)	CWE-400	Uncontrolled Resource Consumption ('Resource Exhaustion')
0% (5)	CWE-269	Improper Privilege Management
0% (4)	CWE-532	Information Leak Through Log Files
0% (4)	CWE-415	Double Free
0% (4)	CWE-399	Resource Management Errors
0% (3)	CWE-704	Incorrect Type Conversion or Cast
0% (3)	CWE-667	Insufficient Locking
0% (3)	CWE-346	Origin Validation Error

Information Assurance Vulnerability Management (IAVM)

id	Description
2015-A-0222	Multiple Security Vulnerabilities in Apple iOS Severity: Category I - VMSKEY: V0061471

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.

Date	Description
2020-11-18	Apple Safari WebKit JSPropertyNameEnumeration type confusion attempt RuleID : 56009 - Type : BROWSER-WEBKIT - Revision : 1
2020-11-18	Apple Safari WebKit JSPropertyNameEnumeration type confusion attempt RuleID : 56008 - Type : BROWSER-WEBKIT - Revision : 1
2020-09-02	WebKit JIT compiler common subexpression elimination out of bounds access att... RuleID : 54666 - Type : BROWSER-WEBKIT - Revision : 2
2020-09-02	WebKit JIT compiler common subexpression elimination out of bounds access att... RuleID : 54665 - Type : BROWSER-WEBKIT - Revision : 2
2020-04-21	Apple Safari browser putToPrimitive cross-site scripting attempt RuleID : 53479 - Type : BROWSER-WEBKIT - Revision : 1
2020-04-21	Apple Safari WebKit type confusion attempt RuleID : 53478 - Type : BROWSER-WEBKIT - Revision : 1
2020-04-21	Apple Safari WebKit type confusion attempt RuleID : 53477 - Type : BROWSER-WEBKIT - Revision : 1
2020-04-21	Apple Safari browser putToPrimitive cross-site scripting attempt RuleID : 53476 - Type : BROWSER-WEBKIT - Revision : 2
2020-04-21	Apple Safari WebKit JavaScript engine type confusion attempt RuleID : 53474 - Type : BROWSER-WEBKIT - Revision : 1
2020-04-21	Apple Safari WebKit JavaScript engine type confusion attempt RuleID : 53473 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-03	Apple Safari WebKit out-of-bounds read attempt RuleID : 52342 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-03	Apple Safari WebKit out-of-bounds read attempt RuleID : 52341 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-03	Apple Safari WebKit memory corruption attempt RuleID : 52316 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-03	Apple Safari WebKit memory corruption attempt RuleID : 52315 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-03	Apple Safari WebKit memory corruption attempt RuleID : 52314 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-03	Apple Safari WebKit memory corruption attempt RuleID : 52313 - Type : BROWSER-WEBKIT - Revision : 1
2019-12-17	Apple Safari WebKit handleIntrinsicCall type confusion attempt RuleID : 52245 - Type : BROWSER-WEBKIT - Revision : 1
2019-12-17	Apple Safari WebKit handleIntrinsicCall type confusion attempt RuleID : 52244 - Type : BROWSER-WEBKIT - Revision : 1
2019-11-15	WebKit JavaScriptCore emitEqualityOpImpl memory corruption attempt RuleID : 51832 - Type : BROWSER-WEBKIT - Revision : 1
2019-11-15	WebKit JavaScriptCore emitEqualityOpImpl memory corruption attempt RuleID : 51831 - Type : BROWSER-WEBKIT - Revision : 1
2019-11-12	WebKit JavaScriptCore JSValue use after free attempt RuleID : 51824 - Type : BROWSER-WEBKIT - Revision : 1
2019-11-12	WebKit JavaScriptCore JSValue use after free attempt RuleID : 51823 - Type : BROWSER-WEBKIT - Revision : 1
2019-10-08	Apple Safari memory corruption attempt RuleID : 51416 - Type : BROWSER-WEBKIT - Revision : 2
2019-10-08	Apple Safari memory corruption attempt RuleID : 51415 - Type : BROWSER-WEBKIT - Revision : 2
2019-10-01	WebKit GetIndexedPropertyStorage memory corruption attempt RuleID : 51386 - Type : BROWSER-WEBKIT - Revision : 1

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.

id	Description
2019-01-16	Name: The remote database server is affected by multiple vulnerabilities File: mariadb_10_0_37.nasl - Type: ACT_GATHER_INFO
2019-01-14	Name: The remote Debian host is missing a security update. File: debian_DLA-1633.nasl - Type: ACT_GATHER_INFO
2019-01-11	Name: The remote device is missing a vendor-supplied security patch. File: juniper_jsa10916.nasl - Type: ACT_GATHER_INFO
2019-01-03	Name: The remote Fedora host is missing a security update. File: fedora_2018-118b9abf99.nasl - Type: ACT_GATHER_INFO
2019-01-03	Name: The remote Fedora host is missing a security update. File: fedora_2018-1a8582a7ee.nasl - Type: ACT_GATHER_INFO
2019-01-03	Name: The remote Fedora host is missing a security update. File: fedora_2018-242f6c1a41.nasl - Type: ACT_GATHER_INFO
2019-01-03	Name: The remote Fedora host is missing a security update. File: fedora_2018-499f2dbc96.nasl - Type: ACT_GATHER_INFO
2019-01-03	Name: The remote Fedora host is missing a security update. File: fedora_2018-55b875c1ac.nasl - Type: ACT_GATHER_INFO
2019-01-03	Name: The remote Fedora host is missing a security update. File: fedora_2018-e2e8a07a01.nasl - Type: ACT_GATHER_INFO
2018-12-21	Name: The remote Apple TV device is affected by multiple vulnerabilities. File: appletv_12_1_1.nasl - Type: ACT_GATHER_INFO
2018-12-21	Name: The remote host is missing a macOS update that fixes multiple security vulner... File: macos_10_14_2.nasl - Type: ACT_GATHER_INFO
2018-12-21	Name: The remote host is missing a macOS or Mac OS X security update that fixes mul... File: macosx_SecUpd2018-006.nasl - Type: ACT_GATHER_INFO
2018-12-21	Name: The remote host is missing a macOS security update that fixes multiple vulner... File: macosx_SecUpd_10_13_6_2018-003.nasl - Type: ACT_GATHER_INFO
2018-12-19	Name: An application installed on remote host is affected by multiple vulnerabilities File: itunes_12_9_2.nasl - Type: ACT_GATHER_INFO
2018-12-07	Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1114.nasl - Type: ACT_GATHER_INFO
2018-12-07	Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1115.nasl - Type: ACT_GATHER_INFO
2018-12-07	Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1116.nasl - Type: ACT_GATHER_INFO
2018-12-07	Name: A web browser installed on the remote macOS or Mac OS X host is affected by m... File: macosx_Safari12_0_2.nasl - Type: ACT_GATHER_INFO
2018-12-03	Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201812-04.nasl - Type: ACT_GATHER_INFO
2018-11-27	Name: The remote Fedora host is missing a security update. File: fedora_2018-192148f4ff.nasl - Type: ACT_GATHER_INFO
2018-11-13	Name: The remote Debian host is missing a security update. File: debian_DLA-1573.nasl - Type: ACT_GATHER_INFO
2018-11-06	Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2018-309-01.nasl - Type: ACT_GATHER_INFO
2018-11-02	Name: The remote Apple TV device is affected by multiple vulnerabilities. File: appletv_12_1.nasl - Type: ACT_GATHER_INFO
2018-11-02	Name: An application installed on the remote host is affected by multiple vulnerabi... File: itunes_12_9_1.nasl - Type: ACT_GATHER_INFO
2018-11-02	Name: An application installed on the remote host is affected by multiple vulnerabi... File: itunes_12_9_1_banner.nasl - Type: ACT_GATHER_INFO

Mapping	Total
CVE ID(s)	1606
CWE ID(s)	57
IAVM(s)	1
Snort® Rule(s)	71
Nessus® Exploit(s)	324

	%	Affected CVE
Critical (9-10)	6.35%	102
High (7-8.9)	53.92%	866
Medium (4-6.9)	34.12%	548
Low (0.1-3.9)	3.24%	52
Pending... (0)	2.37%	38

Apple Watchos

Summary

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

Related : CVE

CWE : Common Weakness Enumeration

Information Assurance Vulnerability Management (IAVM)

Snort® IPS/IDS

Nessus® Vulnerability Scanner

vDNA Monitoring

Global informations

Risk Rating (CVSS)

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU

	no vDNA Monitoring
Monitor this product now !