GitHub Security Lab - HackerOne Reports
Total Reports: 216
Critical: 3
High: 39
Medium: 129
Low: 44
[Javascript]: [Clipboard-based XSS]
Reported by:
intrigus
|
Disclosed:
Medium
Bounty: $1500.00
Go/CWE-643: XPath Injection Query in Go
Reported by:
intrigus
|
Disclosed:
Medium
Bounty: $1800.00
ihsinme: CPP Add query for CWE-783 Operator Precedence Logic Error When Use Bool Type
Reported by:
ihsinme
|
Disclosed:
Medium
Bounty: $1800.00
[Python] CWE-522: Insecure LDAP Authentication
Reported by:
jorgectf
|
Disclosed:
Medium
Bounty: $1800.00
[python] TarSlip vulnerability improvements
Reported by:
sim4n6
|
Disclosed:
Medium
[CPP]Add query to detect bugs like CVE-2017-5123
Reported by:
4b5f5f4b
|
Disclosed:
Low
Bounty: $1000.00
JavaScript: Add some new XSS sinks and sources of Next.js (and some extra improvements)
Reported by:
tyage
|
Disclosed:
Low
Bounty: $1000.00
[Java] CWE-094: Jython code injection
Reported by:
luchua
|
Disclosed:
Medium
Bounty: $1800.00
[Java]: CWE-601 Spring url redirection detect
Reported by:
jessforfun
|
Disclosed:
Medium
[Java] CWE-094: Rhino code injection
Reported by:
luchua
|
Disclosed:
Medium
Bounty: $1800.00
CodeQL query for finding CSRF vulnerabilities in Spring applications
Reported by:
grzegol
|
Disclosed:
Medium
Bounty: $1800.00
Java: CWE-798 - Hardcoded AWS credentials
Reported by:
luchua
|
Disclosed:
Low
Bounty: $1000.00
LDAP injection vulnerability in Java
Reported by:
grzegol
|
Disclosed:
Critical
Bounty: $2500.00
[Java] CWE-094: Query to detect Groovy Code Injections
Reported by:
p0wn4j
|
Disclosed:
High
[CPP]: Add query for CWE-754: Improper Check for Unusual or Exceptional Conditions when using functions scanf
Reported by:
ihsinme
|
Disclosed:
Medium
Bounty: $1800.00
CPP: Add query for CWE-377 Insecure Temporary File
Reported by:
ihsinme
|
Disclosed:
Low
Bounty: $1000.00
Java: Detect remote source from Android intent extra
Reported by:
luchua
|
Disclosed:
Medium
Bounty: $1800.00
Java (Maven): Use of insecure protocol to download/upload artifacts
Reported by:
jlleitschuh
|
Disclosed:
High
Bounty: $2300.00
[Python]: CWE-611: XXE
Reported by:
jorgectf
|
Disclosed:
Medium
Bounty: $1800.00
Go : Add more JWT sinks
Reported by:
porcupineyhairs
|
Disclosed:
Medium