Internet Bug Bounty - HackerOne Reports
Total Reports: 674
Critical: 35
High: 123
Medium: 194
Low: 138
CVE-2016-4796 OpenJPEG color_cmyk_to_rgb Out-of-Bounds Read Vulnerability
Reported by: binvul
Disclosed:
Weakness: Memory Corruption - Generic
CVEs: CVE-2016-4796
memory corruption in wordwrap function
Reported by: minhrau
Disclosed:
Weakness: Memory Corruption - Generic
Bounty: $500.00
Missing type check when unserializing SplArray
Reported by: ahihi
Disclosed:
Weakness: Memory Corruption - Generic
[bower] Arbitrary File Write through improper validation of symlinks while package extraction
Reported by: skyn3t
Disclosed:
High
Weakness: Path Traversal
Bounty: $500.00
integer overflow in pg_escape_string caused heap corruption
Reported by: minhrau
Disclosed:
Weakness: Memory Corruption - Generic
Bounty: $500.00
integer overflow in php_ldap_do_escape caused heap corruption
Reported by: minhrau
Disclosed:
Weakness: Memory Corruption - Generic
Bounty: $500.00
CVE-2016-7418 PHP Out-Of-Bounds Read in php_wddx_push_element
Reported by: binvul
Disclosed:
Weakness: Memory Corruption - Generic
CVEs: CVE-2016-7418
Industry-Wide MITM Vulnerability Impacting the JVM Ecosystem
Reported by: jlleitschuh
Disclosed:
High
Weakness: Man-in-the-Middle
CVE-2017-5482 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print().
Reported by: geeknik
Disclosed:
High
Weakness: Memory Corruption - Generic
CVEs: CVE-2016-8575
CVE-2024-49761: ReDoS vulnerability in REXML
Reported by: manun
Disclosed:
Medium
Weakness: Uncontrolled Resource Consumption
SEH buffer overflow msgfmt_format_message
Reported by: fms
Disclosed:
Weakness: Memory Corruption - Generic
Bounty: $1000.00
PHP Integer Overflow in gdImageWebpCtx
Reported by: binvul
Disclosed:
Low
Weakness: Memory Corruption - Generic
urllib HTTP header injection CVE-2016-5699
Reported by: guido
Disclosed:
The “Malstaller” Attack, global hijacking of any installation process to achieve RCE with elevated privileges, Windows OS (vendor agnostic)
Reported by: penrose
Disclosed:
Weakness: Code Injection
Session WDDX Packet Deserialization Type Confusion Vulnerability
Reported by: ryat
Disclosed:
Weakness: Memory Corruption - Generic
phar_tar_writeheaders_int() buffer overflow
Reported by: jordyzomer
Disclosed:
High
Weakness: Classic Buffer Overflow
Bounty: $1500.00
Regexes with large repetitions on empty sub-expressions take a very long time to parse
Reported by: addisoncrump
Disclosed:
High
Weakness: Uncontrolled Resource Consumption
Bounty: $4000.00
Out of bounds memory read in unserialize()
Reported by: hanno
Disclosed:
Medium
Weakness: Out-of-bounds Read
Bounty: $500.00
Permission model improperly protects against path traversal in Node.js 20
Reported by: tniessen
Disclosed:
High
Weakness: Path Traversal
Bounty: $2330.00
CVEs: CVE-2023-30584
Silent omission of certificate hostname verification in LibreSSL and BoringSSL
Reported by: tiran
Disclosed:
Critical
Weakness: Improper Certificate Validation
CVEs: CVE-2018-8970