Google Security Research

1,215 exploits, active since May 2013
CVE-2016-1755 EXPLOITDB HIGH c WORKING POC
Apple iOS <9.3 - Privilege Escalation
The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1754.
CVSS 7.8
EIP-2026-104554 EXPLOITDB c WORKING POC
Apple Mac OSX 10.10 - IOKit IntelAccelerator Null Pointer Dereference
CVE-2015-7084 EXPLOITDB text WORKING POC
Apple iOS <9.2, macOS <10.11.2, tvOS <9.1, watchOS <2.1 - Memory Corruption in Kernel
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083.
CVE-2015-6996 EXPLOITDB c WORKING POC
Apple iOS <9.1, macOS <10.11.1, watchOS <2.0.1 - Remote Code Execution via IOAcceleratorFamily Memory Corruption
IOAcceleratorFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
CVE-2015-7047 EXPLOITDB c WORKING POC
watchOS < 2.1 - Local Privilege Escalation via Crafted Mach Message
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
CVE-2017-2365 EXPLOITDB MEDIUM html WORKING POC
Apple <10.2.1, <10.0.3, <10.1.1 - SSRF
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
CVSS 6.5
EIP-2026-103912 EXPLOITDB text WRITEUP
Google Chrome 72.0.3626.121 / 74.0.3725.0 - 'NewFixedDoubleArray' Integer Overflow
EIP-2026-103913 EXPLOITDB html WRITEUP
Google Chrome 72.0.3626.96 / 74.0.3702.0 - 'JSPromise::TriggerPromiseReactions' Type Confusion
CVE-2018-6065 EXPLOITDB HIGH text WORKING POC
Google Chrome <65.0.3325.146 - Heap Corruption
Integer overflow in computing the required allocation size when instantiating a new JavaScript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS 8.8
CVE-2017-2619 EXPLOITDB HIGH text WORKING POC
Samba < 4.4.12 - Symlink Race Condition
Samba versions before 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
CVSS 7.5
CVE-2018-5702 EXPLOITDB HIGH WRITEUP
Transmission < 2.92 - Unauthenticated Remote Code Execution via DNS Rebinding
Transmission through 2.92 relies on X-Transmission-Session-Id (which is not a forbidden header for Fetch) for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS rebinding attack.
CVSS 8.8
EIP-2026-104143 EXPLOITDB text WRITEUP
μTorrent (uTorrent) Classic/Web - JSON-RPC Remote Code Execution / Information Disclosure
EIP-2026-104166 EXPLOITDB html WORKING POC
Apple Safari 10.0.3(12602.4.8) / WebKit - 'HTMLObjectElement::updateWidget' Universal Cross-Site Scripting
CVE-2017-2442 EXPLOITDB MEDIUM html WORKING POC
Safari < 10.1 - Same Origin Policy Bypass via WebKit JavaScript Bindings
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit JavaScript Bindings" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
CVSS 6.5
CVE-2017-2367 EXPLOITDB MEDIUM html WORKING POC
Safari < 10.1 - Same Origin Policy Bypass via WebKit
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
CVSS 6.5
EIP-2026-104167 EXPLOITDB html WORKING POC
Apple WebKit / Safari 10.0.2(12602.3.12.0.1) - 'operationSpreadGeneric' Universal Cross-Site Scripting
EIP-2026-104168 EXPLOITDB html WORKING POC
Apple WebKit / Safari 10.0.2(12602.3.12.0.1) - 'PrototypeMap::createEmptyStructure' Universal Cross-Site Scripting
CVE-2017-2480 EXPLOITDB MEDIUM html WORKING POC
iCloud < 6.2 - Exposure of Sensitive Information via WebKit Same Origin Policy Bypass
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
CVSS 6.5
CVE-2017-2479 EXPLOITDB MEDIUM html WORKING POC
Safari < 10.1 - Same Origin Policy Bypass via WebKit
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
CVSS 6.5
CVE-2017-2504 EXPLOITDB MEDIUM html WORKING POC
Safari < 10.1.1 - Universal Cross-Site Scripting via WebKit Editor Commands
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with WebKit Editor commands.
CVSS 6.1
CVE-2017-2445 EXPLOITDB MEDIUM html WORKING POC
Safari < 10.1 - Universal Cross-Site Scripting via Crafted Frame Objects
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted frame objects.
CVSS 6.1
CVE-2017-2457 EXPLOITDB HIGH html WORKING POC
Safari < 10.1 - Remote Code Execution via WebKit Memory Corruption
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVSS 8.8
CVE-2017-2371 EXPLOITDB MEDIUM html WORKING POC
iPhone OS < 10.2.1 - Remote Popup Launch via WebKit
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "WebKit" component, which allows remote attackers to launch popups via a crafted web site.
CVSS 6.5
CVE-2017-2364 EXPLOITDB MEDIUM html WORKING POC
iPhone OS < 10.2.1 and Safari < 10.0.3 - Same Origin Policy Bypass in WebKit
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
CVSS 6.5
CVE-2015-8727 EXPLOITDB MEDIUM text WORKING POC
Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service via RSVP Dissector Use-After-Free
The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.
CVSS 5.5