GitHub Security Lab - HackerOne Reports
View on HackerOne
Total Reports: 216
Critical: 3
High: 39
Medium: 129
Low: 44
CodeQL query for unsafe TLS versions
Reported by: artem | Disclosed: | Severity: Medium | Bounty: $1800.00
CodeQL query for MVEL injections
Reported by: artem | Disclosed: | Severity: High | Bounty: $2300.00
Query to find TLS configurations supporting hardcoded insecure versions of the protocol and cipher suites
Reported by: logicmap | Disclosed: | Severity: High
Java : CWE-548 - J2EE server directory listing enabled
Reported by: luchua | Disclosed: | Severity: Medium | Bounty: $1800.00
Golang : Add MongoDb NoSQL injection sinks
Reported by: porcupineyhairs | Disclosed: | Severity: Medium
CodeQL query to detect XSLT injections
Reported by: grzegol | Disclosed: | Severity: Medium | Bounty: $1800.00
C# : Add query to detect Server Side Request Forgery
Reported by: porcupineyhairs | Disclosed: | Severity: Medium
[Java]: Add XXE sinks
Reported by: jessforfun | Disclosed: | Severity: Medium
CPP: Add query for CWE-243 Creation of chroot Jail Without Changing Working Directory
Reported by: ihsinme | Disclosed: | Severity: Low | Bounty: $1000.00
CodeQL query to detect SSRF in Python
Reported by: jordyzomer | Disclosed: | Severity: Low | Bounty: $500.00
Java: Query for detecting JEXL injections
Reported by: artem | Disclosed: | Severity: High | Bounty: $4500.00
Java : Add a query to detect Spring View Manipulation Vulnerability
Reported by: porcupineyhairs | Disclosed: | Severity: Medium
[C#] CWE-759: Query to detect password hash without a salt
Reported by: luchua | Disclosed: | Severity: Medium | Bounty: $1800.00
Java: Fix NashornScriptEngine detection in ScriptEngine query
Reported by: p0wn4j | Disclosed: | Severity: High
CPP: Out of order Linux permission dropping without checking return codes
Reported by: theopolis | Disclosed: | Severity: Medium
porcupiney.hairs : Java/Android - Insecure Loading of a Dex File
Reported by: porcupineyhairs | Disclosed: | Severity: Medium
[codeql-go]: Add CWE-79: HTML template escaping passthrough
Reported by: logicmap | Disclosed: | Severity: High
[Java] CWE-759: Query to detect password hash without a salt
Reported by: luchua | Disclosed: | Severity: Low | Bounty: $1000.00
ihsinme: CPP Add query for CWE-570 detect and handle memory allocation errors.
Reported by: ihsinme | Disclosed: | Severity: Medium | Bounty: $1800.00
Go : Add more JWT sinks
Reported by: porcupineyhairs | Disclosed: | Severity: Medium