Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

HackerOne — Vulnerabilities & Security Advisories 470

Browse all 470 CVE security advisories affecting HackerOne. AI-powered Chinese analysis, POCs, and references for each vulnerability.

HackerOne operates a crowdsourced vulnerability disclosure platform, connecting organizations with ethical hackers to identify and remediate security flaws before malicious exploitation. The platform’s extensive record of 470 CVEs highlights a diverse attack surface, with historically common vulnerability classes including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation. These defects often stem from complex API integrations and web application logic errors inherent in its SaaS infrastructure. Notable security characteristics involve its reliance on third-party researchers, which introduces both robust coverage and potential insider threat vectors. While major public incidents have been relatively contained, the platform’s role as a central hub for vulnerability data makes it a high-value target for attackers seeking to disrupt the disclosure ecosystem or harvest sensitive intelligence. Maintaining strict access controls and transparent reporting mechanisms remains critical for preserving trust and ensuring the integrity of the bug bounty process across its global user base.

Top products by HackerOne: sequelize node module hapi node module RubyGems coffeescript node module sanitize-html node module serve node module i18next node module crud-file-server node module marked node module html-janitor node module private_address_check ruby gem m-server express-cart ws node module remarkable node module Nextcloud Server liyujing node module serverwzl node module npm-script-demo node module pandora-doomsday node module rtcmulticonnection-client node module dcserver node module tmock node module node-server-forfront node module welcomyzt node module pooledwebsocket node module cuciuci node module forwarded node module parsejson node module fresh node module
CVE IDTitleCVSSSeverityPublished
CVE-2016-10678 serc.js 安全漏洞 — serc.js node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10683 arcanist 安全漏洞 — arcanist node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10684 healthcenter 安全漏洞 — healthcenter node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10685 pk-app-wonderbox 安全漏洞 — pk-app-wonderbox node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10686 fis-sass-all 安全漏洞 — fis-sass-all node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10687 windows-selenium-chromedriver 安全漏洞 — windows-selenium-chromedriver node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10688 Haxe 3 安全漏洞 — haxe3 node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10689 windows-iedriver模块安全漏洞 — windows-iedriver node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10690 openframe-ascii-image模块安全漏洞 — openframe-ascii-image node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10691 windows-seleniumjar 安全漏洞 — windows-seleniumjar node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10693 pm2-kafka 安全漏洞 — pm2-kafka node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10694 alto-saxophone 安全漏洞 — alto-saxophone node moduleCWE-311 8.1 -2018-06-04
CVE-2016-10574 apk-parser3 安全漏洞 — apk-parser3 node moduleCWE-311 8.1 -2018-06-01
CVE-2016-10575 Kindlegen 安全漏洞 — kindlegen node moduleCWE-311 8.1 -2018-06-01
CVE-2016-10576 fuseki 安全漏洞 — fuseki node moduleCWE-311 8.1 -2018-06-01
CVE-2016-10579 chromedriver 安全漏洞 — chromedriver node moduleCWE-311 8.1 -2018-06-01
CVE-2016-10580 nodewebkit 安全漏洞 — nodewebkit node moduleCWE-311 8.1 -2018-06-01
CVE-2016-10581 steroids 加密问题漏洞 — steroids node moduleCWE-311 8.1 -2018-06-01
CVE-2016-10582 closurecompiler 安全漏洞 — closurecompiler node moduleCWE-311 8.1 -2018-06-01
CVE-2016-10585 XLware libxl 安全漏洞 — libxl node moduleCWE-311 8.1 -2018-06-01
CVE-2016-10587 wasdk 安全漏洞 — wasdk node moduleCWE-311 8.1 -2018-06-01
CVE-2016-10588 nw 安全漏洞 — nw node moduleCWE-311 8.1 -2018-06-01
CVE-2016-10592 jser-stat 安全漏洞 — jser-stat node moduleCWE-311 8.1 -2018-06-01
CVE-2016-10594 ipip 安全漏洞 — ipip node moduleCWE-311 8.1 -2018-06-01
CVE-2016-10595 jdf-sass 安全漏洞 — jdf-sass node moduleCWE-311 8.1 -2018-06-01
CVE-2016-10596 imageoptim 安全漏洞 — imageoptim node moduleCWE-311 8.1 -2018-06-01
CVE-2016-10597 cobalt-cli 安全漏洞 — cobalt-cli node moduleCWE-311 5.9 -2018-06-01
CVE-2016-10598 arrayfire-js 安全漏洞 — arrayfire-js node moduleCWE-311 8.1 -2018-06-01
CVE-2016-10599 sauce-connect 安全漏洞 — sauce-connect node moduleCWE-311 8.1 -2018-06-01
CVE-2016-10600 webrtc-native 安全漏洞 — webrtc-native node moduleCWE-311 8.1 -2018-06-01

This page lists every published CVE security advisory associated with HackerOne. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.