Google Security Research

1,215 exploits Active since May 2013
CVE-2017-7115 EXPLOITDB HIGH text WORKING POC
iPhone OS < 10.3.3 and tvOS < 10.2.2 - Remote Code Execution or Denial of Service via Wi-Fi Race Condition
An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via crafted Wi-Fi traffic that leverages a race condition.
CVSS 8.1
CVE-2019-8613 EXPLOITDB CRITICAL text WORKING POC
iPhone OS < 12.3 - Remote Code Execution via Use-After-Free
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause arbitrary code execution.
CVSS 9.8
CVE-2016-1719 EXPLOITDB HIGH text WRITEUP
Apple iOS <9.2.1-OS X <10.11.3-tvOS <9.1.1 - Privilege Escalation/DoS
The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVSS 7.8
CVE-2016-1719 EXPLOITDB HIGH text WRITEUP
Apple iOS <9.2.1-OS X <10.11.3-tvOS <9.1.1 - Privilege Escalation/DoS
The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVSS 7.8
CVE-2016-1719 EXPLOITDB HIGH text WRITEUP
Apple iOS <9.2.1-OS X <10.11.3-tvOS <9.1.1 - Privilege Escalation/DoS
The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVSS 7.8
CVE-2016-1719 EXPLOITDB HIGH text WRITEUP
Apple iOS <9.2.1-OS X <10.11.3-tvOS <9.1.1 - Privilege Escalation/DoS
The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVSS 7.8
CVE-2016-1719 EXPLOITDB HIGH text WRITEUP
Apple iOS <9.2.1-OS X <10.11.3-tvOS <9.1.1 - Privilege Escalation/DoS
The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVSS 7.8
CVE-2016-1719 EXPLOITDB HIGH text WRITEUP
Apple iOS <9.2.1-OS X <10.11.3-tvOS <9.1.1 - Privilege Escalation/DoS
The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVSS 7.8
EIP-2026-102164 EXPLOITDB text WORKING POC
iOS 12.4 - Sandbox Escape due to Integer Overflow in mediaserverd
CVE-2019-8641 EXPLOITDB CRITICAL text WORKING POC
iPhone OS < 12.4 - Out-of-bounds Read
An out-of-bounds read was addressed with improved input validation.
CVSS 9.8
CVE-2018-4384 EXPLOITDB HIGH text WORKING POC
iPhone OS < 12.1 and watchOS < 5.1 - Memory Corruption
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, watchOS 5.1.
CVSS 7.8
EIP-2026-102157 EXPLOITDB c WORKING POC
Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas
EIP-2026-102156 EXPLOITDB c WORKING POC
Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas
EIP-2026-102154 EXPLOITDB text WORKING POC
Apple iOS - Kernel Stack Memory Disclosure due to Failure to Check copyin Return Value
CVE-2017-0569 EXPLOITDB HIGH text WORKING POC
Android Kernel <3.18 - Privilege Escalation
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34198729. References: B-RB#110666.
CVSS 7.0
CVE-2017-0561 EXPLOITDB CRITICAL text WORKING POC
Linux Kernel - Remote Code Execution via Broadcom Wi-Fi Firmware
A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. This issue is rated as Critical due to the possibility of remote code execution in the context of the Wi-Fi SoC. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34199105. References: B-RB#110814.
CVSS 9.8
EIP-2026-101048 EXPLOITDB text WORKING POC
Multiple CPUs - Information Leak Using Speculative Execution
CVE-2018-3639 EXPLOITDB MEDIUM c WORKING POC
Intel Atom C/E/X5/X7/Z - Information Disclosure via Speculative Store Bypass
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
CVSS 5.5
CVE-2017-0561 EXPLOITDB CRITICAL text WORKING POC
Linux Kernel - Remote Code Execution via Broadcom Wi-Fi Firmware
A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. This issue is rated as Critical due to the possibility of remote code execution in the context of the Wi-Fi SoC. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34199105. References: B-RB#110814.
CVSS 9.8
EIP-2026-100773 EXPLOITDB text WORKING POC
cgit < 1.2.1 - 'cgit_clone_objects()' Directory Traversal
CVE-2017-3807 EXPLOITDB HIGH text WRITEUP
Cisco Adaptive Security Appliance Software 9.0-9.6 - Authenticated Heap Overflow via Clientless SSL VPN CIFS URL
A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software, Major Releases 9.0-9.6, could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insufficient validation of user supplied input. An attacker could exploit this vulnerability by sending a crafted URL to the affected system. An exploit could allow the remote attacker to cause a reload of the affected system or potentially execute code. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid TCP connection is needed to perform the attack. The attacker needs to have valid credentials to log in to the Clientless SSL VPN portal. Vulnerable Cisco ASA Software running on the following products may be affected by this vulnerability: Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA for Firepower 9300 Series, Cisco ASA for Firepower 4100 Series. Cisco Bug IDs: CSCvc23838.
CVSS 8.8
EIP-2026-100059 EXPLOITDB text WORKING POC
Samsung Android JACK - Local Privilege Escalation
EIP-2026-100058 EXPLOITDB text WRITEUP
Google Android TSP sysfs - 'cmd_store' Multiple Overflows
EIP-2026-100056 EXPLOITDB text WRITEUP
Google Android - RKP EL1 Code Loading Bypass
CVE-2018-9445 EXPLOITDB MEDIUM text WORKING POC
Android 6.0-8.1 - Path Traversal in Utils.cpp readMetadata
In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy. This could lead to local escalation of privilege when mounting a USB device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-80436257.
CVSS 6.8