PlayStation - HackerOne Reports
Total Reports: 17
Critical: 1
High: 15
Medium: 1
Low: 0
Unrestricted access to quiesce functionality in dss.api.playstation.com REST API leads to unavailability of application
Reported by:
wiiiiam
|
Disclosed:
High
Weakness: Missing Authorization
Bounty: $1000.00
bd-j exploit chain
Reported by:
theflow0
|
Disclosed:
High
Weakness: Privilege Escalation
Bounty: $20000.00
Remote kernel heap overflow
Reported by:
m00nbsd
|
Disclosed:
High
Weakness: Heap Overflow
Reflected XSS on transact.playstation.com using postMessage from the opening window
Reported by:
vakzz
|
Disclosed:
High
Weakness: Cross-site Scripting (XSS) - Reflected
Bounty: $1000.00
SSRF chained to hit internal host leading to another SSRF which allows to read internal images.
Reported by:
bugdiscloseguys
|
Disclosed:
High
Weakness: Server-Side Request Forgery (SSRF)
Bounty: $1000.00
Authorization Token on PlayStation Network Leaks via postMessage function
Reported by:
nnez
|
Disclosed:
High
Weakness: Violation of Secure Design Principles
Bounty: $1000.00
Use-after-free in setsockopt IPV6_2292PKTOPTIONS (CVE-2020-7457)
Reported by:
theflow0
|
Disclosed:
High
Weakness: Use After Free
Bounty: $10000.00
Access token stealing.
Reported by:
bugdiscloseguys
|
Disclosed:
High
Weakness: Missing Authorization
Bounty: $1200.00
Access Token Smuggling from my.playstation.com via Referer Header
Reported by:
nnez
|
Disclosed:
High
Weakness: Violation of Secure Design Principles
Bounty: $1000.00
SOCK_RAW sockets reachable from Webkit process allows triggering double free in IP6_EXTHDR_CHECK
Reported by:
theflow0
|
Disclosed:
High
Weakness: Double Free
Bounty: $10000.00
Websites Can Run Arbitrary Code on Machines Running the 'PlayStation Now' Application
Reported by:
parsiya
|
Disclosed:
Critical
Weakness: Code Injection
Bounty: $15000.00
SMAP bypass
Reported by:
m00nbsd
|
Disclosed:
Medium
sys_fsc2h_ctrl kernel stack free
Reported by:
theflow0
|
Disclosed:
High
Weakness: Use After Free
Bounty: $10000.00
Use-After-Free In IPV6_2292PKTOPTIONS leading To Arbitrary Kernel R/W Primitives
Reported by:
theflow0
|
Disclosed:
High
Weakness: Use After Free
Bounty: $10000.00
SSRF on image renderer
Reported by:
hogarth45
|
Disclosed:
High
Bounty: $1000.00
size_t-to-int vulnerability in exFAT leads to memory corruption via malformed USB flash drives
Reported by:
theflow0
|
Disclosed:
High
Weakness: Incorrect Calculation of Buffer Size
Bounty: $10000.00
Remote vulnerabilities in spp
Reported by:
theflow0
|
Disclosed:
High
Weakness: Classic Buffer Overflow
Bounty: $12500.00