目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

漏洞赏金情报

数据来源:HackerOne 公开披露报告 · 每 6 小时更新

浏览 HackerOne 平台公开披露的漏洞赏金报告,按严重程度、漏洞类型或目标项目筛选,关联 CVE 编号。

已披露报告
12,219
关联 CVE
1,854
参与项目数
342
近 7 天新增
14
严重度: All CriticalHighMediumLow
类型: 全部 Information Disclosure 1173 Cross-site Scripting (XSS) … 747 Violation of Secure Design … 719 Improper Access Control - Generic 656 Improper Authentication - Generic 652 Cross-site Scripting (XSS) … 513 Uncontrolled Resource Consumption 483 Cross-site Scripting (XSS) … 461 Cross-Site Request Forgery (CSRF) 421 Privilege Escalation 375
项目筛选:security
Reward Money Leakage
HackerOne Information Disclosure (CWE-200)
Unknown
2016-08-09
Race Conditions in Popular reports feature.
HackerOne Memory Corruption - Generic (CWE-119)
Unknown
2016-08-03
Report title and issue information prepopulated
HackerOne
Unknown
2016-07-15
Possible CSRF during joining report as participant
HackerOne Cross-Site Request Forgery (CSRF) (CWE-352)
Unknown
2016-07-12
Able to remove the admin access of my program
HackerOne Violation of Secure Design Principles (CWE-657)
Unknown
2016-07-06
Unauthorized Team members viewing
HackerOne Improper Authentication - Generic (CWE-287)
Unknown
2016-07-02
Manipulate report timeline activity by using null byte.
HackerOne Violation of Secure Design Principles (CWE-657)
Unknown
2016-07-01
Web Authentication Endpoint Credentials Brute-Force Vulnerability
HackerOne Improper Authentication - Generic (CWE-287)
Unknown
2016-06-23
Old titles are not hidden in reports with limited disclosure
HackerOne Information Disclosure (CWE-200)
Unknown
2016-06-21
Hackerone Email Addresses Enumeration
HackerOne Information Disclosure (CWE-200)
Unknown
2016-06-17
RCE in profile picture upload
HackerOne Code Injection (CWE-94)
Unknown
2016-06-08
Denial of service in report view.
HackerOne Uncontrolled Resource Consumption (CWE-400)
Unknown
2016-05-27
Content Spoofing via reports
HackerOne Violation of Secure Design Principles (CWE-657)
Unknown
2016-05-25
URL Crashing browser. {Tested on firefox, Chrome and Safari}
HackerOne Uncontrolled Resource Consumption (CWE-400)
Unknown
2016-05-25
Redirection Page throwing error instead of redirecting to site
HackerOne Violation of Secure Design Principles (CWE-657)
Unknown
2016-05-25
DOS Report FILE html inside <code> in markdown
HackerOne Uncontrolled Resource Consumption (CWE-400)
Unknown
2016-05-21
HackerOne Important Emails Notification are sent in clear-text
HackerOne Improper Authentication - Generic (CWE-287)
Unknown
2016-05-19
LinkedIN URL should be HTTPS
HackerOne
Unknown
2016-05-18
Inadequate access controls in "Vote" functionality???
HackerOne Privilege Escalation (CAPEC-233)
Unknown
2016-05-12
Spamming any user from Reset Password Function
HackerOne Violation of Secure Design Principles (CWE-657)
Unknown
2016-05-03
高频漏洞类型
最活跃项目
项目报告数最高赏金
U.S. Dept Of Defense896
Internet Bug Bounty817
HackerOne609
Nextcloud582
Shopify464
curl439
Node.js third-party modules307
GitLab258
X / xAI250 $2,500
Uber239 $9,895