Internet Bug Bounty - HackerOne Reports
Total Reports: 674
Critical: 35
High: 123
Medium: 194
Low: 138
OOB read in php_strip_tags_ex
Reported by: raven42
Disclosed:
Medium
Weakness: Buffer Over-read
Bounty: $500.00
Wrong Handling of Content-Type allows Flash injection and Rosseta flash patch bypass
Reported by: benhayak
Disclosed:
Weakness: Cross-site Scripting (XSS) - Generic
Bounty: $3000.00
Heap overflow in mysqlnd related to BIT fields (CVE-2016-7412)
Reported by: mongo
Disclosed:
Medium
Weakness: Memory Corruption - Generic
CVEs: CVE-2016-7412
HTTP MitM on Flash Player settings manager allows attacker to set sandbox settings
Reported by: sardarox1
Disclosed:
[curl] CVE-2023-38039: HTTP header allocation DOS
Reported by: selmelc
Disclosed:
Medium
Weakness: Allocation of Resources Without Limits or Throttling
Bounty: $2540.00
CVEs: CVE-2023-38039
[CVE-2024-32464] ActionText ContentAttachment’s can Contain Unsanitized HTML
Reported by: ooooooo_q
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Stored
Bounty: $2600.00
CVEs: CVE-2024-32464
ReDoS Vulnerability in HTTP Accept Headers Parsing
Reported by: dwisiswant0
Disclosed:
Medium
Bounty: $2642.00
Widespread failure of certificate validation in Android apps
Reported by: secbro
Disclosed:
Weakness: Cryptographic Issues - Generic
Tcpdump before 4.9.3 has a buffer over-read in print-802_11.c (CVE-2018-16227)
Reported by: bugbasher
Disclosed:
Critical
Weakness: Out-of-bounds Read
CVEs: CVE-2018-16227
Tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option() (CVE-2018-16229)
Reported by: bugbasher
Disclosed:
Critical
Weakness: Out-of-bounds Read
CVEs: CVE-2018-16229
tcpdump: CVE-2018-14879 - buffer overflow in tcpdump.c:get_next_file()
Reported by: geeknik
Disclosed:
Critical
Weakness: Buffer Underflow
CVEs: CVE-2018-14879
Invalid memory access in spl_filesystem_info_set_filename function
Reported by: jot
Disclosed:
Low
Weakness: Memory Corruption - Generic
Bounty: $500.00
iconv() function missing string length check
Reported by: jot
Disclosed:
Low
Weakness: Memory Corruption - Generic
Bounty: $500.00
Inadequate Encryption Strength in nodejs-current reads openssl.cnf from /home/iojs/build/... upon startup on MacOS
Reported by: orange_8361
Disclosed:
Medium
Weakness: Cryptographic Issues - Generic
Bounty: $2400.00
Use of Cryptographically Weak Pseudo-Random Number Generator in WebCrypto keygen
Reported by: imhunternull
Disclosed:
High
Bounty: $4000.00
HTTP Request Smuggling Due to Incorrect Parsing of Header Fields
Reported by: vwx7
Disclosed:
Medium
Weakness: HTTP Request Smuggling
Bounty: $1800.00
CVE-2018-12882: heap-use-after-free in PHP 7.2 through 7.2.6, possible 7.2.7
Reported by: geeknik
Disclosed:
Medium
Weakness: Use After Free
crash in locale_get_keywords() when keyword value in locale string too long
Reported by: jot
Disclosed:
Low
Weakness: Code Injection
Bounty: $500.00
Invalid handling of X509_verify_cert() internal errors in libssl (CVE-2021-4044)
Reported by: tniessen
Disclosed:
Medium
Weakness: Improper Certificate Validation
Bounty: $1200.00
CVE-2016-4796 OpenJPEG color_cmyk_to_rgb Out-of-Bounds Read Vulnerability
Reported by: binvul
Disclosed:
Weakness: Memory Corruption - Generic
CVEs: CVE-2016-4796