Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

Bug Bounty Intelligence

Source: HackerOne public disclosures · updated every 6h

Browse publicly disclosed bug bounty reports from HackerOne. Filter by severity, weakness type, or program. Cross-referenced with CVE IDs where available.

Disclosed Reports
12,247
CVE-linked
1,864
Programs
343
New This Week
25
Severity: All CriticalHighMediumLow
Type: All Information Disclosure 1173 Cross-site Scripting (XSS) … 747 Violation of Secure Design … 719 Improper Access Control - Generic 658 Improper Authentication - Generic 653 Cross-site Scripting (XSS) … 513 Uncontrolled Resource Consumption 483 Cross-site Scripting (XSS) … 461 Cross-Site Request Forgery (CSRF) 421 Privilege Escalation 375
[wappalyzer] ReDoS allows an attacker to completely break Wappalyzer
Node.js third-party modules Uncontrolled Resource Consumption (CWE-400)
High
2020-08-06
[is-my-json-valid] ReDoS via 'style' format
Node.js third-party modules Uncontrolled Resource Consumption (CWE-400)
High
2020-07-31
disable test send feature if user's email address isn't verified
Courier Uncontrolled Resource Consumption (CWE-400)
High
2020-06-30
[wappalyzer] ReDoS allows an attacker to completely break Wappalyzer
Node.js third-party modules Uncontrolled Resource Consumption (CWE-400)
High
2020-06-18
Bypass password reset rate limit protection at moneybird.com/passwords
Moneybird Uncontrolled Resource Consumption (CWE-400)
High
2019-12-22
Exim handles BDAT data incorrectly and leads to crash/hang
Internet Bug Bounty Uncontrolled Resource Consumption (CWE-400)CVE-2017-16944CVE-2017-16943
High
2019-11-12
Potential infinite loop in gdImageCreateFromGifCtx!
Internet Bug Bounty Uncontrolled Resource Consumption (CWE-400)CVE-2018-5711
High
2019-11-12
rpcbind "rpcbomb" CVE-2017-8779, CVE-2017-8804
Internet Bug Bounty Uncontrolled Resource Consumption (CWE-400)CVE-2017-8779CVE-2017-8804
High
2019-10-14
Denial of service in libxml2, using malicious lzma file to consume available system memory
Internet Bug Bounty Uncontrolled Resource Consumption (CWE-400)
High
2019-10-04
DoS through PeerExplorer
Rootstock Labs Uncontrolled Resource Consumption (CWE-400)
High
2019-09-18
Multiple HTTP/2 DOS Issues
Node.js Uncontrolled Resource Consumption (CWE-400)
High
2019-08-16
Resource Consumption DOS on Edgemax v1.10.6
Ubiquiti Inc. Uncontrolled Resource Consumption (CWE-400)
High
2019-08-04
CryptoNote: remote node DoS
Monero Uncontrolled Resource Consumption (CWE-400)
High
2019-07-03
(remote) exabyte allocation via load_from_binary() (DoS)
Monero Uncontrolled Resource Consumption (CWE-400)
High
2019-07-03
Computing hash of crafted block leads to crash in tree_hash()
Monero Uncontrolled Resource Consumption (CWE-400)
High
2019-07-03
`useragent` is vulnerable to ReDoS in user-agent string
Node.js third-party modules Uncontrolled Resource Consumption (CWE-400)
High
2019-04-03
xmlrpc.php file is enable it will used for (DOS) and bruteforce attack
FormAssembly Uncontrolled Resource Consumption (CWE-400)
High
2018-12-27
Prototype Pollution Vulnerability in cached-path-relative Package
Node.js third-party modules Uncontrolled Resource Consumption (CWE-400)CVE-2018-16472
High
2018-11-02
Prototype pollution attack (lodash / constructor.prototype)
Node.js third-party modules Uncontrolled Resource Consumption (CWE-400)CVE-2018-16487
High
2018-10-30
Malicious get_random_rct_outs.bin rpc can cause a near-infinite loop
Monero Uncontrolled Resource Consumption (CWE-400)
High
2018-09-28
Top Weakness Types
Most Active Programs
ProgramReportsMax $
U.S. Dept Of Defense896
Internet Bug Bounty817 $2,257
HackerOne609
Nextcloud584
Shopify464
curl457
Node.js third-party modules307
GitLab258
X / xAI250 $2,500
Uber239