Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Bug Bounty Intelligence

Source: HackerOne public disclosures · updated every 6h

Browse publicly disclosed bug bounty reports from HackerOne. Filter by severity, weakness type, or program. Cross-referenced with CVE IDs where available.

Disclosed Reports
12,222
CVE-linked
1,855
Programs
342
New This Week
3
Severity: All CriticalHighMediumLow
Type: All Information Disclosure 1173 Cross-site Scripting (XSS) … 747 Violation of Secure Design … 719 Improper Access Control - Generic 656 Improper Authentication - Generic 652 Cross-site Scripting (XSS) … 513 Uncontrolled Resource Consumption 483 Cross-site Scripting (XSS) … 461 Cross-Site Request Forgery (CSRF) 421 Privilege Escalation 375
stack overflow #3 in libsass
LibSass Uncontrolled Resource Consumption (CWE-400)
Low
2017-10-20
stack overflow #2 in libsass
LibSass Uncontrolled Resource Consumption (CWE-400)
Low
2017-10-20
stack overflow in libsass
LibSass Uncontrolled Resource Consumption (CWE-400)
Low
2017-10-20
Information disclosue in Android Application
Coinbase Uncontrolled Resource Consumption (CWE-400)
Low
2017-08-30
Unable to register in starbucks IN app
Starbucks Uncontrolled Resource Consumption (CWE-400)
Low
2017-08-15
ntpd: read_mru_list() does inadequate incoming packet checks
Internet Bug Bounty Uncontrolled Resource Consumption (CWE-400)CVE-2016-7434
Low
2017-07-12
Malformed SHA512 ticket DoS (CVE-2016-6302)
Internet Bug Bounty Uncontrolled Resource Consumption (CWE-400)CVE-2016-6302
Low
2017-05-25
Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307)
Internet Bug Bounty Uncontrolled Resource Consumption (CWE-400)CVE-2016-6307
Low
2017-05-25
Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)
Internet Bug Bounty Uncontrolled Resource Consumption (CWE-400)CVE-2016-6308CVE-2016-6307
Low
2017-05-25
No Password Length Restriction leads to Denial of Service
Weblate Uncontrolled Resource Consumption (CWE-400)
Low
2017-05-17
SIGSEGV - kh_get_n2s - in /src/symbol.c:37
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
Low
2017-04-27
Invalid pointer dereference in OP_ENTER
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
Low
2017-04-15
Garbage collector crash
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
Low
2017-04-15
DoS vulnerability in mod_auth_digest CVE-2016-2161
Internet Bug Bounty Uncontrolled Resource Consumption (CWE-400)CVE-2016-2161
Low
2017-04-10
Use-after-free leading to an invalid pointer dereference
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
Low
2017-04-02
Null pointer dereference in mark_context_stack
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
Low
2017-03-14
Null pointer dereference in mrb_class
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
Low
2017-03-14
Segmentation fault while printing backtrace
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
Low
2017-03-14
SIGSEGV - kh_resize_iv - Null Deref
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
Low
2017-03-09
SIGSEGV - mrb_vm_exec - vm.c in line:1272
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
Low
2017-03-09
Top Weakness Types
Most Active Programs
ProgramReportsMax $
U.S. Dept Of Defense896
Internet Bug Bounty817
HackerOne609
Nextcloud583
Shopify464
curl440
Node.js third-party modules307
GitLab258
X / xAI250 $2,500
Uber239