Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

HackerOne — Vulnerabilities & Security Advisories 470

Browse all 470 CVE security advisories affecting HackerOne. AI-powered Chinese analysis, POCs, and references for each vulnerability.

HackerOne operates a crowdsourced vulnerability disclosure platform, connecting organizations with ethical hackers to identify and remediate security flaws before malicious exploitation. The platform’s extensive record of 470 CVEs highlights a diverse attack surface, with historically common vulnerability classes including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation. These defects often stem from complex API integrations and web application logic errors inherent in its SaaS infrastructure. Notable security characteristics involve its reliance on third-party researchers, which introduces both robust coverage and potential insider threat vectors. While major public incidents have been relatively contained, the platform’s role as a central hub for vulnerability data makes it a high-value target for attackers seeking to disrupt the disclosure ecosystem or harvest sensitive intelligence. Maintaining strict access controls and transparent reporting mechanisms remains critical for preserving trust and ensuring the integrity of the bug bounty process across its global user base.

Top products by HackerOne: sequelize node module hapi node module RubyGems coffeescript node module sanitize-html node module serve node module i18next node module crud-file-server node module marked node module html-janitor node module private_address_check ruby gem m-server express-cart ws node module remarkable node module Nextcloud Server liyujing node module serverwzl node module npm-script-demo node module pandora-doomsday node module rtcmulticonnection-client node module dcserver node module tmock node module node-server-forfront node module welcomyzt node module pooledwebsocket node module cuciuci node module forwarded node module parsejson node module fresh node module
CVE IDTitleCVSSSeverityPublished
CVE-2016-10643 jstestdriver 安全漏洞 — jstestdriver node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10644 slimerjs-edge 安全漏洞 — slimerjs-edge node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10645 grunt-images 安全漏洞 — grunt-images node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10646 resourcehacker 安全漏洞 — resourcehacker node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10647 node-air-sdk 安全漏洞 — node-air-sdk node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10648 marionette-socket-host 安全漏洞 — marionette-socket-host node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10649 frames-compiler 安全漏洞 — frames-compiler node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10651 webdriver-launcher 安全漏洞 — webdriver-launcher node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10652 prebuild-lwip 安全漏洞 — prebuild-lwip node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10653 xd-testing 安全漏洞 — xd-testing node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10654 sfml 安全漏洞 — sfml node moduleCWE-311 7.4 -2018-06-04
CVE-2016-10655 clang-extra 安全漏洞 — clang-extra node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10656 qbs 安全漏洞 — qbs node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10657 co-cli-installer 安全漏洞 — co-cli-installer node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10660 fis-parser-sass-bin 安全漏洞 — fis-parser-sass-bin node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10661 phantomjs-cheniu 安全漏洞 — phantomjs-cheniu node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10662 tomita 安全漏洞 — tomita node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10663 wixtoolset 安全漏洞 — wixtoolset node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10664 msystem 安全漏洞 — mystem node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10665 herbivore 安全漏洞 — herbivore node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10667 selenium-portal 安全漏洞 — selenium-portal node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10668 libsbml 安全漏洞 — libsbml node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10669 soci 安全漏洞 — soci node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10670 windows-seleniumjar-mirror 安全漏洞 — windows-seleniumjar-mirror node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10671 mystem-wrapper 安全漏洞 — mystem-wrapper node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10672 cloudpub-redis 安全漏洞 — cloudpub-redis node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10673 ipip-coffee 安全漏洞 — ipip-coffee node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10675 libsbmlsim 安全漏洞 — libsbmlsim node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10676 rs-brightcove 安全漏洞 — rs-brightcove node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10677 google-closure-tools-latest 安全漏洞 — google-closure-tools-latest node moduleCWE-311 8.1 -2018-06-04

This page lists every published CVE security advisory associated with HackerOne. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.