ianbeer

77 exploits Active since Jan 2015
CVE-2018-4243 EXPLOITDB HIGH c WORKING POC
Apple Iphone OS < 11.4 - Memory Corruption
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolattrlist allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVSS 7.8
CVE-2018-4206 EXPLOITDB HIGH c WORKING POC
Apple TV < 11.4 - Memory Corruption
An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Crash Reporter" component. It allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app that replaces a privileged port name.
CVSS 7.8
CVE-2017-13847 EXPLOITDB HIGH c WORKING POC
Apple <11.2, <10.13.2 - RCE/DoS
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2017-13867 EXPLOITDB HIGH c WORKING POC
Apple <11.2, <10.13.2, <4.2, <11.2 - RCE/DoS
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2017-2353 EXPLOITDB HIGH c WORKING POC
Apple <10.12.3 - RCE/DoS
An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app.
CVSS 7.8
CVE-2017-2360 EXPLOITDB HIGH c WORKING POC
Apple <10.2.1, <10.12.3, <10.1.1, <3.1.3 - RCE/DoS
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app.
CVSS 7.8
CVE-2016-7660 EXPLOITDB HIGH c WORKING POC
Apple Iphone OS < 10.1.1 - Access Control
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "syslog" component. It allows local users to gain privileges via unspecified vectors related to Mach port name references.
CVSS 7.8
CVE-2016-7661 EXPLOITDB HIGH c WORKING POC
Apple Iphone OS < 10.1.1 - Access Control
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the "Power Management" component. It allows local users to gain privileges via unspecified vectors related to Mach port name references.
CVSS 7.8
CVE-2016-1807 EXPLOITDB MEDIUM c WORKING POC
Apple <9.3.2, <10.11.5, <9.2.1, <2.2.1 - Info Disclosure
Race condition in the Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to obtain sensitive information from kernel memory via unspecified vectors.
CVSS 5.1
CVE-2015-7084 EXPLOITDB c WORKING POC
Apple Iphone OS < 9.1 - Memory Corruption
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083.
CVE-2015-7110 EXPLOITDB c WORKING POC
Apple Mac OS X < 10.11.1 - Memory Corruption
The Disk Images component in Apple OS X before 10.11.2 and tvOS before 9.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted disk image.
CVE-2015-7047 EXPLOITDB c WORKING POC
Apple Watchos < 2.0 - Improper Input Validation
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
CVE-2015-7083 EXPLOITDB c WORKING POC
Apple Mac OS X < 10.11.1 - Memory Corruption
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084.
CVE-2018-6084 EXPLOITDB HIGH WORKING POC
Google Chrome <66.0.3359.117 - RCE
Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file.
CVSS 7.8
CVE-2016-7621 EXPLOITDB HIGH c WORKING POC
Apple Watchos < 2.2.2 - Use After Free
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows local users to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via unspecified vectors.
CVSS 7.8
CVE-2018-4083 EXPLOITDB HIGH c WORKING POC
Apple Mac OS X < 10.13.3 - Memory Corruption
An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "Touch Bar Support" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2017-13878 EXPLOITDB HIGH c WORKING POC
Apple <10.13.2 - Info Disclosure/DoS
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows local users to bypass intended memory-read restrictions or cause a denial of service (out-of-bounds read and system crash).
CVSS 7.1
CVE-2017-13865 EXPLOITDB MEDIUM c WORKING POC
Apple <11.2, <10.13.2, <4.2, <11.2 - Info Disclosure
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
CVSS 5.5
CVE-2017-2472 EXPLOITDB HIGH c WORKING POC
Apple Iphone OS < 10.2.1 - Use After Free
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app.
CVSS 7.8
CVE-2017-2483 EXPLOITDB HIGH c WORKING POC
Apple Iphone OS < 10.2.1 - Memory Corruption
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVSS 7.8
CVE-2017-2489 EXPLOITDB MEDIUM c WORKING POC
Apple Mac OS X < 10.12.3 - Information Disclosure
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app.
CVSS 5.5
CVE-2017-2443 EXPLOITDB HIGH c WORKING POC
Apple Mac OS X < 10.12.3 - Memory Corruption
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2018-4230 EXPLOITDB HIGH c WORKING POC
Apple Mac OS X < 10.13.5 - Race Condition
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that triggers a SetAppSupportBits use-after-free because of a race condition.
CVSS 7.0
CVE-2016-7617 EXPLOITDB HIGH c WORKING POC
Apple Mac OS X < 10.12.1 - Denial of Service
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (type confusion) via a crafted app.
CVSS 7.8
CVE-2016-7633 EXPLOITDB HIGH c WORKING POC
Apple Mac OS X < 10.12.1 - Use After Free
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Directory Services" component. It allows local users to gain privileges or cause a denial of service (use-after-free) via unspecified vectors.
CVSS 7.8