Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Bug Bounty Intelligence

Source: HackerOne public disclosures · updated every 6h

Browse publicly disclosed bug bounty reports from HackerOne. Filter by severity, weakness type, or program. Cross-referenced with CVE IDs where available.

Disclosed Reports
12,219
CVE-linked
1,854
Programs
342
New This Week
7
Severity: All CriticalHighMediumLow
Type: All Information Disclosure 1173 Cross-site Scripting (XSS) … 747 Violation of Secure Design … 719 Improper Access Control - Generic 656 Improper Authentication - Generic 652 Cross-site Scripting (XSS) … 513 Uncontrolled Resource Consumption 483 Cross-site Scripting (XSS) … 461 Cross-Site Request Forgery (CSRF) 421 Privilege Escalation 375
Program filter: shopify-scripts
Heap Overflow in fiber_switch triggered from Fiber.transfer
shopify-scripts Heap Overflow (CWE-122)
High
2017-05-30
heap-buffer-overflow (read outside of buffer) in mrb_vm_exec()
shopify-scripts Heap Overflow (CWE-122)
High
2017-05-09
mirb only: stack-buffer-overflow (OOB write) in main()
shopify-scripts Stack Overflow (CWE-121)
High
2017-05-09
Memory corrouption in mrb_gc_mark
shopify-scripts Memory Corruption - Generic (CWE-119)
High
2017-04-17
Segmentation fault when a Ruby method is invoked by a C method via Object#send
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2017-04-13
Interger overflow in str_substr leading to read/write out of bound memory
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2017-03-15
Certain inputs cause tight C-level recursion leading to process stack overflow
shopify-scripts Memory Corruption - Generic (CWE-119)
High
2017-03-14
Segmentation fault - mrb_gc_mark
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2017-03-09
Crash: Overwriting NoMethodError with a builtin class crashes/corrupts memory
shopify-scripts Memory Corruption - Generic (CWE-119)
High
2017-03-01
attempting double-free using the mruby compiler `mrbc`
shopify-scripts Memory Corruption - Generic (CWE-119)
High
2017-02-07
ruby DoS https://www.mruby.science
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2017-01-15
Null pointer dereference due to TOCTTOU bug in mrb_time_initialize
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2017-01-15
Invalid handling of zero-length heredoc identifiers leads to infinite loop in the sandbox
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2017-01-12
Broken handling of maximum number of method call arguments leads to segfault
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2016-12-21
Buffer overflow in mrb_time_asctime
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2016-12-18
Denial of Service in mruby due to null pointer dereference
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2016-12-17
Null pointer derefence due to bug in codegen with negation without using value
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2016-12-17
Segmentation fault due to bad memory access in kh_get_mt
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2016-12-17
Denial of service due to invalid memory access in mrb_ary_concat
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2016-12-17
NULL pointer dereference when parsing ternary operators
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2016-12-17
Top Weakness Types
Most Active Programs
ProgramReportsMax $
U.S. Dept Of Defense896
Internet Bug Bounty817
HackerOne609
Nextcloud582
Shopify464
curl439
Node.js third-party modules307
GitLab258
X / xAI250 $2,500
Uber239 $9,895