ianbeer

77 exploits Active since Jan 2015
CVE-2015-6996 EXPLOITDB c WORKING POC
Apple Iphone OS < 9.0.2 - Memory Corruption
IOAcceleratorFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1720 EXPLOITDB HIGH c WORKING POC
IOKit <9.2.1-10.11.3-9.1.1 - Privilege Escalation/DoS
IOKit in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVSS 7.8
CVE-2015-7068 EXPLOITDB HIGH c WORKING POC
Apple Iphone OS < 9.2 - NULL Pointer Dereference
IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type.
CVSS 7.8
CVE-2015-7047 EXPLOITDB c WORKING POC
Apple Watchos < 2.0 - Improper Input Validation
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
CVE-2015-6995 EXPLOITDB c WORKING POC
Apple Mac OS X < 10.11.0 - Memory Corruption
The Disk Images component in Apple iOS before 9.1 and OS X before 10.11.1 misparses images, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
CVE-2015-7108 EXPLOITDB c WORKING POC
Apple Mac OS X < 10.11.1 - Memory Corruption
The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2015-7077 EXPLOITDB c WORKING POC
Apple Mac OS X < 10.11.1 - Memory Corruption
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors.
CVE-2015-7106 EXPLOITDB c WORKING POC
Apple Mac OS X < 10.11.1 - Memory Corruption
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2014-4492 EXPLOITDB c WORKING POC
Apple iOS <8.1.3, OS X <10.10.2, TV <7.0.3 - RCE
libnetcore in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not verify that certain values have the expected data type, which allows attackers to execute arbitrary code in an _networkd context via a crafted XPC message from a sandboxed app, as demonstrated by lack of verification of the XPC dictionary data type.
EIP-2026-104587 EXPLOITDB c WORKING POC
Apple Mac OSX 10.9.5 - IOKit IntelAccelerator Null Pointer Dereference
CVE-2016-1863 EXPLOITDB HIGH c WORKING POC
Apple iOS <9.3.3, OS X <10.11.6, tvOS <9.2.2, watchOS <2.2.2 - Pri...
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4582 and CVE-2016-4653.
CVSS 7.8
CVE-2015-3798 EXPLOITDB text WORKING POC
Apple iOS <8.4.1 & OS X <10.10.5 - RCE
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and CVE-2015-3797.
CVE-2017-7047 EXPLOITDB HIGH text WORKING POC
Apple <10.3.3, <10.12.6, <10.2.2, <3.2.3 - RCE/DoS
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libxpc" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 8.8
CVE-2016-7661 EXPLOITDB HIGH text WORKING POC
Apple Iphone OS < 10.1.1 - Access Control
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the "Power Management" component. It allows local users to gain privileges via unspecified vectors related to Mach port name references.
CVSS 7.8
CVE-2017-7004 EXPLOITDB HIGH c WORKING POC
Apple <10.3.2, <10.12.5 - Privilege Escalation
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "Security" component. A race condition allows attackers to bypass intended entitlement restrictions for sending XPC messages via a crafted app.
CVSS 7.0
CVE-2017-2490 EXPLOITDB HIGH c WORKING POC
Apple Iphone OS < 10.2.1 - Memory Corruption
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
EIP-2026-103360 EXPLOITDB c WORKING POC
Apple Intel GPU Driver - Use-After-Free/Double-Delete due to bad Locking
CVE-2019-6214 EXPLOITDB HIGH c WORKING POC
Apple Iphone OS < 12.1.3 - Type Confusion
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to break out of its sandbox.
CVSS 8.6
CVE-2019-6218 EXPLOITDB HIGH c WORKING POC
Apple Iphone OS < 12.1.3 - Out-of-Bounds Write
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to execute arbitrary code with kernel privileges.
CVSS 7.8
CVE-2017-2473 EXPLOITDB HIGH c WORKING POC
Apple Iphone OS < 10.2.1 - Memory Corruption
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2017-2474 EXPLOITDB HIGH c WORKING POC
Apple <10.3 - RCE
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. An off-by-one error allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVSS 7.8
CVE-2017-2478 EXPLOITDB HIGH c WORKING POC
Apple Iphone OS < 10.2.1 - Race Condition
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVSS 7.0
CVE-2017-2482 EXPLOITDB HIGH c WORKING POC
Apple Iphone OS < 10.2.1 - Memory Corruption
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVSS 7.8
CVE-2017-2501 EXPLOITDB HIGH c WORKING POC
Apple Iphone OS < 10.3.2 - Race Condition
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVSS 7.0
EIP-2026-103409 EXPLOITDB c WORKING POC
Apple macOS/iOS Kernel - Memory Disclosure Due to Lack of Bounds Checking in netagent Socket Option Handling