Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

Internet Bug Bounty - HackerOne Reports

View on HackerOne

674

Total Reports

35

Critical

123

High

194

Medium

138

Low

Improper handling of wildcards in --allow-fs-read and --allow-fs-write

Reported by: tniessen | Disclosed:

Medium

Weakness: Improper Access Control - Generic

Bounty: $1290.00

CVE-2022-27781: CERTINFO never-ending busy-loop

Reported by: sybr | Disclosed:

Low

Weakness: Uncontrolled Resource Consumption

CVEs: CVE-2022-27781

Path traversal by monkey-patching Buffer internals

Reported by: tniessen | Disclosed:

High

Weakness: Path Traversal

Bounty: $2430.00

CVEs: CVE-2023-30584 CVE-2023-39332 CVE-2023-39331 CVE-2023-32004

CVE-2021-3711: SM2 decrypt buffer overflow

Reported by: ouyang | Disclosed:

High

Weakness: Classic Buffer Overflow

Bounty: $2000.00

CVEs: CVE-2021-3711

OpenSSL vulnerable to the Marvin Attack (CVE-2022-4304)

Reported by: hkario | Disclosed:

Medium

Weakness: Information Exposure Through Timing Discrepancy

Bounty: $2540.00

CVE-2024-41937: Apache Airflow: Stored XSS Vulnerability on provider link

Reported by: sw0rd1ight | Disclosed:

Low

Weakness: Cross-site Scripting (XSS) - Stored

Bounty: $497.00

CVE-2017-10966: Heap-use-after-free in Irssi <1.0.4

Reported by: geeknik | Disclosed:

High

Weakness: Use After Free

CVE-2017-10965: Null pointer dereference in Irssi <1.0.4

Reported by: geeknik | Disclosed:

High

Weakness: NULL Pointer Dereference

POST following PUT confusion

Reported by: robbotic | Disclosed:

Medium

Weakness: Information Disclosure

Bounty: $2400.00

Adobe Flash Player ShimOpportunityGenerator class Memory Corruption Vulnerability

Reported by: hhj4ck | Disclosed:

Weakness: Memory Corruption - Generic

Bounty: $2000.00

CVEs: CVE-2016-4153

Adobe Flash Player ShimContentResolver.configure Memory Corruption Vulnerability

Reported by: hhj4ck | Disclosed:

Weakness: Memory Corruption - Generic

Bounty: $2000.00

CVEs: CVE-2016-4152

Adobe Flash Player ShimContentFactory.retrieveResolvers Memory Corruption Vulnerability

Reported by: hhj4ck | Disclosed:

Weakness: Memory Corruption - Generic

Bounty: $2000.00

CVEs: CVE-2016-4151

Adobe Flash Player ShimContentFactory class Memory Corruption Vulnerability

Reported by: hhj4ck | Disclosed:

Weakness: Memory Corruption - Generic

Bounty: $2000.00

CVEs: CVE-2016-4150

Adobe Flash Player ShimContentResolver(resolverType=0) class Memory Corruption Vulnerability

Reported by: hhj4ck | Disclosed:

Weakness: Memory Corruption - Generic

Bounty: $2000.00

CVEs: CVE-2016-4154

Adobe Flash Player ShimContentResolver(resolverType=1) class Memory Corruption Vulnerability

Reported by: hhj4ck | Disclosed:

Weakness: Memory Corruption - Generic

Bounty: $2000.00

CVEs: CVE-2016-4155

Urllib connects to a wrong host

Reported by: orange | Disclosed:

Low

Weakness: Server-Side Request Forgery (SSRF)

Bounty: $500.00

Incorrect GC behavior in xxlimited could lead to use-after-free

Reported by: zeroinside | Disclosed:

Low

Weakness: Memory Corruption - Generic

Bounty: $500.00

[CVE-2023-38546] cookie injection with none file

Reported by: w0x42 | Disclosed:

Low

Bounty: $540.00

LZMADecompressor.decompress Use After Free

Reported by: johnleitch | Disclosed:

Critical

Weakness: Memory Corruption - Generic

Bounty: $1500.00

Node.js - DLL Hijacking on Windows

Reported by: yakirka | Disclosed:

High

Weakness: Untrusted Search Path

Previous Page 5 of 34 Next