Coinbase - HackerOne Reports
Total Reports: 33
Critical: 3
High: 0
Medium: 1
Low: 9
Requestor Email Disclosure via Email Notification
Reported by: japz
Low
Weakness: Information Disclosure
Create Multiple Account Using Similar X-CSRF token
Reported by: rajauzairabdullah
Weakness: Violation of Secure Design Principles
Prepopulation of email address and name leaks information provided to other merchants
Reported by: cablej
Weakness: UI Redressing (Clickjacking)
Device confirmation Flaw
Reported by: mohammad_obaid
Authentication Issue
Reported by: bugdiscloseguys
Low
Weakness: Privilege Escalation
Bounty: $200.00
Content Injection error page
Reported by: dr_dragon
Weakness: Violation of Secure Design Principles
Application error message
Reported by: dr_dragon
Weakness: Information Disclosure
Bounty: $100.00
ByPassing the email Validation Email on Sign up process in mobile apps
Reported by: kaleemgiet
Weakness: Violation of Secure Design Principles
Bounty: $100.00
Captcha Bypass in Coinbase SignUp Form
Reported by: tejpratap
Low
Weakness: Violation of Secure Design Principles
Bounty: $100.00
Information disclosure in Android Application
Reported by: mkap
Low
Weakness: Uncontrolled Resource Consumption
Information disclosure in coinbase android app
Reported by: 7h3_3y3
Low
Weakness: Improper Authentication - Generic
Blacklist bypass on Callback URLs
Reported by: agarri_fr
Weakness: Information Disclosure
Bounty: $100.00
User provided values trusted in sensitive actions
Reported by: paulos__
[buy.coinbase.com]Content Injection
Reported by: 0xspade
Low
Runtime manipulation iOS app breaking the PIN
Reported by: kaleemgiet
Weakness: Violation of Secure Design Principles
Ethereum account balance manipulation
Reported by: vicompany
Critical
Weakness: Business Logic Errors
XSSI (Cross Site Script Inclusion)
Reported by: paulos__
Weakness: Cross-Site Request Forgery (CSRF)
Bounty: $200.00
ETH contract handling errors
Reported by: ambisafe
Critical
Weakness: Business Logic Errors
New Device Confirmation Bug
Reported by: whysoleet
coinbase Email leak while sending and requesting
Reported by: anda123
Low
Weakness: Improper Authentication - Generic