Project Zero (Google)

6 exploits Active since Apr 2016
CVE-2017-0175 EXPLOITDB MEDIUM text WORKING POC
Windows 7 SP1 and Windows Server 2008 SP2/R2 SP1 - Authenticated Information Disclosure via Crafted Document
The Windows kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0220, CVE-2017-0258, and CVE-2017-0259.
CVSS 4.7
CVE-2017-0220 EXPLOITDB MEDIUM text WORKING POC
Windows 7 SP1, Server 2008 SP2/R2 SP1, 2012 Gold - Authenticated Info Disclosure via Crafted Document
The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 Gold allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0175, CVE-2017-0258, and CVE-2017-0259.
CVSS 4.7
EIP-2026-103687 EXPLOITDB text WORKING POC
unrar 5.40 - 'VMSF_DELTA' Filter Arbitrary Memory Write
CVE-2016-1096 EXPLOITDB HIGH text WORKING POC
Adobe Flash Player <=21.0.0.213 in IE/Edge - Impact Unknown
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CVSS 7.5
CVE-2016-2417 EXPLOITDB CRITICAL text WORKING POC
Android < 4.4.4/5.0.2/5.1.1/2016-04-01 - Information Disclosure via Uninitialized Data
media/libmedia/IOMX.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not initialize a parameter data structure, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26914474.
CVSS 9.8
EIP-2026-100033 EXPLOITDB text WORKING POC
LG G4 - lgdrmserver Binder Service Multiple Race Conditions