Google Security Research

1,215 exploits Active since May 2013
CVE-2019-8717 EXPLOITDB HIGH text WRITEUP
Apple Mac OS X < 10.15 - Out-of-Bounds Write
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, tvOS 13. An application may be able to execute arbitrary code with kernel privileges.
CVSS 7.8
EIP-2026-103367 EXPLOITDB text WORKING POC
macOS XNU - Missing Locking in checkdirs_callback() Enables Race with fchdir_common()
CVE-2019-6208 EXPLOITDB MEDIUM c WORKING POC
iOS <12.1.3 - Memory Corruption
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes.
CVSS 5.5
EIP-2026-103366 EXPLOITDB text WORKING POC
macOS XNU - Copy-on-Write Behavior Bypass via Mount of User-Owned Filesystem Image
CVE-2018-4083 EXPLOITDB HIGH c WORKING POC
Apple Mac OS X < 10.13.3 - Memory Corruption
An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "Touch Bar Support" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2019-8661 EXPLOITDB CRITICAL text WORKING POC
Apple Mac OS X < 10.14.6 - Use After Free
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.6. A remote attacker may be able to cause arbitrary code execution.
CVSS 9.8
EIP-2026-103365 EXPLOITDB text WRITEUP
macOS 10.14.6 (18G87) - Kernel Use-After-Free due to Race Condition in wait_for_namespace_event()
CVE-2017-13878 EXPLOITDB HIGH c WORKING POC
Apple <10.13.2 - Info Disclosure/DoS
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows local users to bypass intended memory-read restrictions or cause a denial of service (out-of-bounds read and system crash).
CVSS 7.1
CVE-2018-4090 EXPLOITDB MEDIUM c WORKING POC
Apple TV < 11.2.5 - Information Disclosure
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
CVSS 5.5
CVE-2017-7154 EXPLOITDB MEDIUM c WORKING POC
Apple <11.2 - Privilege Escalation/DoS
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. The issue involves the "Kernel" component. It allows local users to bypass intended memory-read restrictions or cause a denial of service (system crash).
CVSS 6.6
CVE-2019-6224 EXPLOITDB HIGH text WORKING POC
Apple Iphone OS < 12.1.3 - Memory Corruption
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution.
CVSS 8.8
CVE-2018-4366 EXPLOITDB HIGH text WORKING POC
Apple Iphone OS < 12.1 - Memory Corruption
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.
CVSS 7.5
CVE-2018-4367 EXPLOITDB CRITICAL text WORKING POC
Apple Iphone OS < 12.1 - Memory Corruption
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.
CVSS 9.8
CVE-2017-13865 EXPLOITDB MEDIUM c WORKING POC
Apple <11.2, <10.13.2, <4.2, <11.2 - Info Disclosure
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
CVSS 5.5
CVE-2017-2472 EXPLOITDB HIGH c WORKING POC
Apple Iphone OS < 10.2.1 - Use After Free
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app.
CVSS 7.8
CVE-2017-2483 EXPLOITDB HIGH c WORKING POC
Apple Iphone OS < 10.2.1 - Memory Corruption
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVSS 7.8
CVE-2017-2489 EXPLOITDB MEDIUM c WORKING POC
Apple Mac OS X < 10.12.3 - Information Disclosure
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app.
CVSS 5.5
CVE-2017-2443 EXPLOITDB HIGH c WORKING POC
Apple Mac OS X < 10.12.3 - Memory Corruption
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2018-4230 EXPLOITDB HIGH c WORKING POC
Apple Mac OS X < 10.13.5 - Race Condition
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that triggers a SetAppSupportBits use-after-free because of a race condition.
CVSS 7.0
CVE-2018-4139 EXPLOITDB HIGH text WRITEUP
Apple Mac OS X < 10.13.4 - Memory Corruption
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "kext tools" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2016-7617 EXPLOITDB HIGH c WORKING POC
Apple Mac OS X < 10.12.1 - Denial of Service
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (type confusion) via a crafted app.
CVSS 7.8
CVE-2016-7633 EXPLOITDB HIGH c WORKING POC
Apple Mac OS X < 10.12.1 - Use After Free
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Directory Services" component. It allows local users to gain privileges or cause a denial of service (use-after-free) via unspecified vectors.
CVSS 7.8
CVE-2017-6978 EXPLOITDB HIGH c WORKING POC
Apple <10.12.5 - RCE/DoS
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Accessibility Framework" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2017-13875 EXPLOITDB HIGH c WORKING POC
Apple <10.13.2 - RCE/DoS
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted app.
CVSS 7.8
CVE-2017-2516 EXPLOITDB MEDIUM text WORKING POC
Apple <10.12.5 - Info Disclosure
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
CVSS 5.0