Vulnerabilities > Apple > Watchos > 5.0.1

DATE CVE VULNERABILITY TITLE RISK
2019-04-03 CVE-2018-4376 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
Multiple memory corruption issues were addressed with improved memory handling.
network
low complexity
apple CWE-119
8.8
8.8
2019-04-03 CVE-2018-4375 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
Multiple memory corruption issues were addressed with improved memory handling.
network
low complexity
apple CWE-119
8.8
8.8
2019-04-03 CVE-2018-4374 Cross-site Scripting vulnerability in Apple products
A logic issue was addressed with improved validation.
network
low complexity
apple CWE-79
6.1
6.1
2019-04-03 CVE-2018-4373 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
Multiple memory corruption issues were addressed with improved memory handling.
network
low complexity
apple CWE-119
8.8
8.8
2019-04-03 CVE-2018-4372 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
Multiple memory corruption issues were addressed with improved memory handling.
network
low complexity
apple CWE-119
8.8
8.8
2019-04-03 CVE-2018-4371 Out-of-bounds Read vulnerability in Apple products
An out-of-bounds read was addressed with improved input validation.
local
low complexity
apple CWE-125
7.8
7.8
2019-04-03 CVE-2018-4369 Improper Input Validation vulnerability in Apple products
A logic issue was addressed with improved state management.
network
low complexity
apple CWE-20
7.5
7.5
2019-04-03 CVE-2018-4368 Improper Input Validation vulnerability in Apple products
A denial of service issue was addressed with improved validation.
network
low complexity
apple CWE-20
6.5
6.5
2019-04-03 CVE-2018-4303 Improper Input Validation vulnerability in Apple products
An input validation issue was addressed with improved input validation.
local
low complexity
apple CWE-20
7.8
7.8
2019-04-03 CVE-2018-20506 Integer Overflow or Wraparound vulnerability in multiple products
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases).
network
high complexity
sqlite apple opensuse CWE-190
8.1
8.1