Internet Bug Bounty - HackerOne Reports
Total Reports: 674
Critical: 35
High: 123
Medium: 194
Low: 138
[bower] Arbitrary File Write through improper validation of symlinks while package extraction
Reported by: skyn3t | Disclosed:
Severity: High
Weakness: Path Traversal
Bounty: $500.00
Regexes with large repetitions on empty sub-expressions take a very long time to parse
Reported by: addisoncrump | Disclosed:
Severity: High
Weakness: Uncontrolled Resource Consumption
Bounty: $4000.00
Out of bounds memory read in unserialize()
Reported by: hanno | Disclosed:
Severity: Medium
Weakness: Out-of-bounds Read
Bounty: $500.00
CVE-2016-4796 OpenJPEG color_cmyk_to_rgb Out-of-Bounds Read Vulnerability
Reported by: binvul | Disclosed:
Weakness: Memory Corruption - Generic
CVEs: CVE-2016-4796
memory corruption in wordwrap function
Reported by: minhrau | Disclosed:
Weakness: Memory Corruption - Generic
Bounty: $500.00
Missing type check when unserializing SplArray
Reported by: ahihi | Disclosed:
Weakness: Memory Corruption - Generic
Permission model improperly protects against path traversal in Node.js 20
Reported by: tniessen | Disclosed:
Severity: High
Weakness: Path Traversal
Bounty: $2330.00
CVEs: CVE-2023-30584
integer overflow in pg_escape_string caused heap corruption
Reported by: minhrau | Disclosed:
Weakness: Memory Corruption - Generic
Bounty: $500.00
integer overflow in php_ldap_do_escape caused heap corruption
Reported by: minhrau | Disclosed:
Weakness: Memory Corruption - Generic
Bounty: $500.00
CVE-2023-28710 Apache Airflow Spark Provider Arbitrary File Read via JDBC
Reported by: sw0rd1ight | Disclosed:
Severity: Medium
Weakness: Improper Input Validation
Bounty: $2400.00
CVE-2019-11043: a buffer underflow in fpm_main.c can lead to RCE in php-fpm
Reported by: neex | Disclosed:
Severity: Critical
Weakness: Buffer Underflow
Bounty: $1500.00
CVEs: CVE-2019-11043
Use-after-free in PHP7's unserialize()
Reported by: ryat | Disclosed:
Severity: Medium
Weakness: Use After Free
Possible ReDoS vulnerability in query parameter filtering in Action Dispatch
Reported by: scyoon | Disclosed:
Severity: Medium
Weakness: Uncontrolled Resource Consumption
CVEs: CVE-2024-41128
CVE-2019-0196: mod_http2 with scoreboard Use-After-Free (Read)
Reported by: cy1337 | Disclosed:
Severity: Medium
Weakness: Use After Free
CVE-2024-2398: HTTP/2 push headers memory-leak
Reported by: w0x42 | Disclosed:
Severity: Medium
Bounty: $2580.00
CVE-2016-7418 PHP Out-Of-Bounds Read in php_wddx_push_element
Reported by: binvul | Disclosed:
Weakness: Memory Corruption - Generic
CVEs: CVE-2016-7418
Type Confusion in Object Deserialization
Reported by: ryat | Disclosed:
Severity: Medium
Weakness: Type Confusion
Use After Free in unserialize()
Reported by: ryat | Disclosed:
Severity: Medium
Weakness: Use After Free
GMP Deserialization Type Confusion Vulnerability [MyBB <= 1.8.3 RCE Vulnerability]
Reported by: ryat | Disclosed:
Severity: High
Weakness: Code Injection
Industry-Wide MITM Vulnerability Impacting the JVM Ecosystem
Reported by: jlleitschuh | Disclosed:
Severity: High
Weakness: Man-in-the-Middle