GitHub Security Lab - HackerOne Reports
Total Reports: 216
Critical: 3
High: 39
Medium: 129
Low: 44

Java: CWE-346 Queries to detect remote source flow to CORS Headers
Reported by: torque59 | Disclosed:
Medium

ihsinme: CPP add query for CWE-788 Access of memory location after the end of a buffer using strncat.
Reported by: ihsinme | Disclosed:
Medium
Bounty: $1800.00

CodeQL query to detect open Spring Boot actuator endpoints
Reported by: grzegol | Disclosed:
Medium
Bounty: $1800.00

[Ruby]: Server Side Template Injection
Reported by: maikypedia | Disclosed:
Medium
Bounty: $2300.00

[Java]: Timing attacks while comparing the headers value
Reported by: farid_hunter | Disclosed:
Low
Bounty: $1000.00

[Java] CWE-755: Query to detect Local Android DoS caused by NFE
Reported by: luchua | Disclosed:
Medium
Bounty: $1800.00

Java: Add SSRF query for Java
Reported by: porcupineyhairs | Disclosed:
Medium

[javascript] CWE-614: CodeQL query to detect if cookies are sent without the flag secure being set
Reported by: d3lla | Disclosed:
Medium

Java: Static initialization vector
Reported by: artem | Disclosed:
Medium
Bounty: $1800.00

Yet another SSRF query for Go
Reported by: avada | Disclosed:
Medium

[JAVA]: CWE-347 - Improper Verification of Cryptographic Signature : Potential for Auth Bypass
Reported by: intrigus | Disclosed:
High
Bounty: $4500.00

ihsinme: CPP Add query for CWE-691 Insufficient Control Flow Management After Refactoring The Code
Reported by: ihsinme | Disclosed:
Low
Bounty: $500.00

[Java] CWE-489: Query to detect main() method in Java EE applications
Reported by: luchua | Disclosed:
Medium
Bounty: $1800.00

[Python]: CWE-079: HTTP Header injection
Reported by: jorgectf | Disclosed:
Medium
Bounty: $1800.00

XPath Injection query in java
Reported by: crownpeanut | Disclosed:
Medium

CWE-094 ScriptEngine in java
Reported by: crownpeanut | Disclosed:
Medium

CodeQL query to detect weak (duplicated) encryption keys for ASP.NET Telerik Upload
Reported by: calderpwn | Disclosed:
Low
Bounty: $500.00

[go]: Add query for detecting CORS misconfiguration
Reported by: logicmap | Disclosed:
Medium

[Java]: CWE 295 - Insecure TrustManager - MiTM
Reported by: intrigus | Disclosed:
Medium
Bounty: $1500.00

Go : Add more JWT sinks
Reported by: porcupineyhairs | Disclosed:
Medium