ianbeer

77 exploits Active since Jan 2015
CVE-2015-6996 EXPLOITDB c WORKING POC
Apple iOS <9.1, macOS <10.11.1, watchOS <2.0.1 - Remote Code Execution via IOAcceleratorFamily Memory Corruption
IOAcceleratorFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1720 EXPLOITDB HIGH c WORKING POC
IOKit <9.2.1-10.11.3-9.1.1 - Privilege Escalation/DoS
IOKit in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVSS 7.8
CVE-2015-7068 EXPLOITDB HIGH c WORKING POC
Apple iOS <9.2, macOS <10.11.2, tvOS <9.1, watchOS <2.1 - Denial of Service via IOKit SCSI Userclient Type
IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type.
CVSS 7.8
CVE-2015-7047 EXPLOITDB c WORKING POC
watchOS < 2.1 - Local Privilege Escalation via Crafted Mach Message
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
CVE-2015-6995 EXPLOITDB c WORKING POC
Apple iOS < 9.1 and OS X < 10.11.1 - Remote Code Execution via Disk Images Component
The Disk Images component in Apple iOS before 9.1 and OS X before 10.11.1 misparses images, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
CVE-2015-7108 EXPLOITDB c WORKING POC
macOS X < 10.11.2 - Memory Corruption via Bluetooth HCI Interface
The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2015-7077 EXPLOITDB c WORKING POC
macOS < 10.11.2 - Privilege Escalation or Denial of Service via Intel Graphics Driver Memory Access
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors.
CVE-2015-7106 EXPLOITDB c WORKING POC
macOS < 10.11.2 - Memory Corruption in Intel Graphics Driver
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-4492 EXPLOITDB c WORKING POC
Apple iOS <8.1.3, OS X <10.10.2, TV <7.0.3 - RCE
libnetcore in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not verify that certain values have the expected data type, which allows attackers to execute arbitrary code in an _networkd context via a crafted XPC message from a sandboxed app, as demonstrated by lack of verification of the XPC dictionary data type.
EIP-2026-104587 EXPLOITDB c WORKING POC
Apple Mac OSX 10.9.5 - IOKit IntelAccelerator Null Pointer Dereference
CVE-2016-1863 EXPLOITDB HIGH c WORKING POC
Apple iOS <9.3.3, OS X <10.11.6, tvOS <9.2.2, watchOS <2.2.2 - Pri...
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4582 and CVE-2016-4653.
CVSS 7.8
CVE-2015-3798 EXPLOITDB text WORKING POC
Apple iOS <8.4.1 & OS X <10.10.5 - RCE
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and CVE-2015-3797.
CVE-2017-7047 EXPLOITDB HIGH text WORKING POC
Apple <10.3.3, <10.12.6, <10.2.2, <3.2.3 - RCE/DoS
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libxpc" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 8.8
CVE-2016-7661 EXPLOITDB HIGH text WORKING POC
iPhone OS < 10.2 and macOS < 10.12.2 - Local Privilege Escalation via Power Management Mach Port Name References
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the "Power Management" component. It allows local users to gain privileges via unspecified vectors related to Mach port name references.
CVSS 7.8
CVE-2017-7004 EXPLOITDB HIGH c WORKING POC
Apple <10.3.2, <10.12.5 - Privilege Escalation
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "Security" component. A race condition allows attackers to bypass intended entitlement restrictions for sending XPC messages via a crafted app.
CVSS 7.0
CVE-2017-2490 EXPLOITDB HIGH c WORKING POC
iPhone OS < 10.3, macOS < 10.12.4, tvOS < 10.2, watchOS < 3.2 - Remote Code Execution or Denial of Service in Kernel
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
EIP-2026-103360 EXPLOITDB c WORKING POC
Apple Intel GPU Driver - Use-After-Free/Double-Delete due to bad Locking
CVE-2019-6214 EXPLOITDB HIGH c WORKING POC
iPhone OS < 12.1.3, macOS < 10.14.3, tvOS < 12.1.2, watchOS < 5.1.3 - Sandbox Escape via Type Confusion
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to break out of its sandbox.
CVSS 8.6
CVE-2019-6218 EXPLOITDB HIGH c WORKING POC
iPhone OS < 12.1.3, macOS < 10.14.3, tvOS < 12.1.2 - Out-of-bounds Write
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to execute arbitrary code with kernel privileges.
CVSS 7.8
CVE-2017-2473 EXPLOITDB HIGH c WORKING POC
iPhone OS < 10.3, macOS < 10.12.4, tvOS < 10.2, watchOS < 3.2 - Remote Code Execution or Denial of Service in Kernel
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2017-2474 EXPLOITDB HIGH c WORKING POC
iPhone OS < 10.3, macOS < 10.12.4, tvOS < 10.2, watchOS < 3.2 - Kernel Off-by-One Remote Code Execution
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. An off-by-one error allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVSS 7.8
CVE-2017-2478 EXPLOITDB HIGH c WORKING POC
iPhone OS < 10.3, macOS < 10.12.4, tvOS < 10.2, watchOS < 3.2 - Race Condition in Kernel
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVSS 7.0
CVE-2017-2482 EXPLOITDB HIGH c WORKING POC
iPhone OS < 10.3, macOS < 10.12.4, tvOS < 10.2, watchOS < 3.2 - Remote Code Execution via Kernel Buffer Overflow
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVSS 7.8
CVE-2017-2501 EXPLOITDB HIGH c WORKING POC
iPhone OS < 10.3.2, macOS < 10.12.5, tvOS < 10.2.1, watchOS < 3.2.2 - Race Condition in Kernel
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVSS 7.0
EIP-2026-103409 EXPLOITDB c WORKING POC
Apple macOS/iOS Kernel - Memory Disclosure Due to Lack of Bounds Checking in netagent Socket Option Handling