GitHub Security Lab - HackerOne Reports
Total reports: 216
Critical: 3 | High: 39 | Medium: 129 | Low: 44
CodeQL query to detect open Spring Boot actuator endpoints
Reported by: grzegol | Disclosed | Severity: Medium | Bounty: $1800.00
[Java] CWE-939 - Address improper URL authorization
Reported by: luchua | Disclosed | Severity: Medium | Bounty: $1800.00
[javascript] CWE-614: CodeQL query to detect if cookies are sent without the flag secure being set
Reported by: d3lla | Disclosed | Severity: Medium
Java: Static initialization vector
Reported by: artem | Disclosed | Severity: Medium | Bounty: $1800.00
Yet another SSRF query for Go
Reported by: avada | Disclosed | Severity: Medium
[Python]: CWE-079: HTTP Header injection
Reported by: jorgectf | Disclosed | Severity: Medium | Bounty: $1800.00
XPath Injection query in java
Reported by: crownpeanut | Disclosed | Severity: Medium
CWE-094 ScriptEngine in java
Reported by: crownpeanut | Disclosed | Severity: Medium
[CPP]: Add query for CWE-125 Out-of-bounds Read with different interpretation of the string when use mbtowc
Reported by: ihsinme | Disclosed | Severity: Low | Bounty: $1000.00
Java: CWE-600 Uncaught servlet exception
Reported by: luchua | Disclosed | Severity: Medium | Bounty: $1800.00
Yet another SSRF query for Javascript
Reported by: avada | Disclosed | Severity: Low
Yet another SSRF query for Javascript
Reported by: luuliiromee | Disclosed | Severity: Low | Bounty: $250.00
Yet another SSRF query for Javascript
Reported by: ciohianz | Disclosed | Severity: Low | Bounty: $250.00
Yet another SSRF query for Go
Reported by: npesaresi | Disclosed | Severity: Medium
Java: CWE-939 - Address improper URL authorization
Reported by: luchua | Disclosed | Severity: Medium | Bounty: $1500.00
PYTHON: CWE-079 - Add query for email injection
Reported by: jorgectf | Disclosed | Severity: High | Bounty: $4500.00
CPP: Pam Authorization Bypass
Reported by: porcupineyhairs | Disclosed | Severity: Medium
CodeQL query for finding LDAP Injection (CWE-90) vulnerabilities in Java
Reported by: grzegol | Disclosed | Severity: Critical | Bounty: $3000.00
CodeQL query for finding ReDoS and Regex Injection vulnerabilities in Java
Reported by: grzegol | Disclosed | Severity: Low | Bounty: $1000.00
Go : Add more JWT sinks
Reported by: porcupineyhairs | Disclosed | Severity: Medium