butterflyhack

4 exploits Active since Apr 2019
CVE-2019-10207 NOMISEC MEDIUM WORKING POC
Linux kernel <4.18.0, <5 - Local Privilege Escalation
A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.
20 stars
CVSS 5.5
CVE-2019-8956 NOMISEC HIGH WORKING POC
Linux Kernel 4.17-4.19.20 - Use-After-Free in SCTP Sendmsg Function
In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.
8 stars
CVSS 7.8
CVE-2019-16707 WRITEUP MEDIUM WRITEUP
Hunspell 1.7.0 - Invalid Read in SuggestMgr::leftcommonsubstring
Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx.
CVSS 6.5
CVE-2022-25576 WRITEUP MEDIUM WORKING POC
Anchor CMS 0.12.7 - Cross-Site Request Forgery via Posts Route
Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component anchor/routes/posts.php. This vulnerability allows attackers to arbitrarily delete posts.
CVSS 4.5