Exploitdb Exploits
50,076 exploits tracked across all sources.
Apple iOS <9.2, macOS <10.11.2, tvOS <9.1, watchOS <2.1 - Memory Corruption in Kernel
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083.
by Google Security Research
Apple macOS X < 10.11.2 and iPhone OS < 9.1 - Memory Corruption in Disk Images
The Disk Images component in Apple OS X before 10.11.2 and tvOS before 9.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted disk image.
by Google Security Research
watchOS < 2.1 - Local Privilege Escalation via Crafted Mach Message
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
by Google Security Research
Apple Mac OS X < 10.11.1 - Memory Corruption
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084.
by Google Security Research
Apple iOS <9.2.1, OS X <10.11.3, tvOS <9.1.1 - Memory Corruption
The kernel in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
by Google Security Research
CVSS 7.8
Apple iOS <9.2, macOS <10.11.2, tvOS <9.1, watchOS <2.1 - Memory Corruption in IOHIDFamily API
The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7111.
by Google Security Research
Apple iOS <9.2.1-OS X <10.11.3-tvOS <9.1.1 - Privilege Escalation/DoS
The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
by Google Security Research
CVSS 7.8
Apple iOS <9.2.1-OS X <10.11.3-tvOS <9.1.1 - Privilege Escalation/DoS
The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
by Google Security Research
CVSS 7.8
Apple iOS <9.2.1-OS X <10.11.3-tvOS <9.1.1 - Privilege Escalation/DoS
The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
by Google Security Research
CVSS 7.8
Apple iOS <9.2.1-OS X <10.11.3-tvOS <9.1.1 - Privilege Escalation/DoS
The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
by Google Security Research
CVSS 7.8
Apple iOS <9.2.1-OS X <10.11.3-tvOS <9.1.1 - Privilege Escalation/DoS
The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
by Google Security Research
CVSS 7.8
Apple iOS <9.2.1-OS X <10.11.3-tvOS <9.1.1 - Privilege Escalation/DoS
The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
by Google Security Research
CVSS 7.8
WordPress appointment-booking-calendar 1.1.24 Privilege Escalation XSS
WordPress appointment-booking-calendar 1.1.24 contains multiple privilege escalation vulnerabilities that allow unauthenticated attackers to modify calendar settings and inject persistent cross-site scripting payloads through the admin.php page parameters. Attackers can inject malicious JavaScript into the 'ict' and 'ics' options or the calendar 'name' parameter via GET requests to execute arbitrary scripts when the calendar is displayed or accessed in the administration interface.
by i0akiN SEC-LABORATORY
CVSS 7.2
WordPress Plugin Booking Calendar Contact Form 1.1.24 - addslashes SQL Injection
by i0akiN SEC-LABORATORY
BK Mobile jQuery CMS 2.4 - Multiple Vulnerabilities
by Rahul Pratap Singh
Secure Item Hub 1.0 iOS - Multiple Vulnerabilities
by Vulnerability-Lab
Foxit Reader 7.2.8.1124 - '.PDF' Parsing Memory Corruption
by Francis Provencher
WordPress Plugin Booking Calendar Contact Form 1.1.23 - Shortcode SQL Injection
by i0akiN SEC-LABORATORY
Wireshark - hiqnet_display_data Static Out-of-Bounds Read
by Google Security Research
Wireshark - dissect_nhdr_extopt Stack Buffer Overflow
by Google Security Research
Wireshark - dissect_ber_constrained_bitstring Heap Out-of-Bounds Read
by Google Security Research
Wireshark - 'nettrace_3gpp_32_423_file_open' Stack Out-of-Bounds Read
by Google Security Research
By Source