Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

shopify-scripts - HackerOne Reports

View on HackerOne

161

Total Reports

7

Critical

36

High

13

Medium

33

Low

Segfault in mruby, mruby_engine and the parent MRI Ruby due to null pointer dereference

Reported by: dkasak | Disclosed:

High

Weakness: Uncontrolled Resource Consumption

Bounty: $10000.00

TOCTTOU bug in mrb_str_setbyte leading the memory corruption

Reported by: raydot | Disclosed:

Critical

Weakness: Code Injection

DoS: type confusion in mrb_no_method_error

Reported by: raydot | Disclosed:

Critical

Weakness: Uncontrolled Resource Consumption

SIGSEGV in mrb_vm_exec

Reported by: ston3 | Disclosed:

Weakness: NULL Pointer Dereference

Segmentation fault due to invalid memory access in codegen when using break with the 127th argument a constant

Reported by: haquaman | Disclosed:

Weakness: Uncontrolled Resource Consumption

Certain inputs cause tight C-level recursion leading to process stack overflow

Reported by: dkasak | Disclosed:

High

Weakness: Memory Corruption - Generic

Bounty: $10000.00

Crash: mrb_any_to_s can't handle NilClass, Symbol and Fixnum

Reported by: brakhane | Disclosed:

High

Weakness: Memory Corruption - Generic

Bounty: $8000.00

Type confusion in mrb_exc_set leading to memory corruption

Reported by: raydot | Disclosed:

Critical

Weakness: Uncontrolled Resource Consumption

Type confusion in wrap_decimal leading to memory corruption

Reported by: raydot | Disclosed:

Critical

Weakness: Code Injection

Denial of service due to invalid memory access in mrb_ary_concat

Reported by: haquaman | Disclosed:

High

Weakness: Uncontrolled Resource Consumption

Bounty: $8000.00

Read after free in mrb_vm_exec with OP_ARYCAT reading R(B)

Reported by: haquaman | Disclosed:

Weakness: Memory Corruption - Generic

Bounty: $1000.00

SIGSEGV - mrb_yield_with_class

Reported by: icanthack | Disclosed:

Medium

Weakness: Violation of Secure Design Principles

Null pointer dereference in mrb_class

Reported by: dgaletic | Disclosed:

Low

Weakness: Uncontrolled Resource Consumption

Bounty: $800.00

SIGSEGV - kh_get_n2s - in /src/symbol.c:37

Reported by: mia_ | Disclosed:

Low

Weakness: Uncontrolled Resource Consumption

Crash in mrb_ary_push

Reported by: dgaletic | Disclosed:

Weakness: NULL Pointer Dereference

Bounty: $800.00

SIGSEGV in mrb_str_inum

Reported by: ston3 | Disclosed:

Weakness: NULL Pointer Dereference

Invalid read leading to a segfault

Reported by: dgaletic | Disclosed:

Low

Weakness: Out-of-bounds Read

Bounty: $800.00

heap-buffer-overflow in OP_R_BREAK

Reported by: ahihi | Disclosed:

Weakness: Heap Overflow

heap-use-after-free in OP_RESCUE

Reported by: ahihi | Disclosed:

Weakness: Use After Free

Buffer overflow in yywarning_s

Reported by: dgaletic | Disclosed:

Weakness: Classic Buffer Overflow

Bounty: $1000.00

Previous Page 5 of 9 Next