Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

HackerOne — Vulnerabilities & Security Advisories 470

Browse all 470 CVE security advisories affecting HackerOne. AI-powered Chinese analysis, POCs, and references for each vulnerability.

HackerOne operates a crowdsourced vulnerability disclosure platform, connecting organizations with ethical hackers to identify and remediate security flaws before malicious exploitation. The platform’s extensive record of 470 CVEs highlights a diverse attack surface, with historically common vulnerability classes including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation. These defects often stem from complex API integrations and web application logic errors inherent in its SaaS infrastructure. Notable security characteristics involve its reliance on third-party researchers, which introduces both robust coverage and potential insider threat vectors. While major public incidents have been relatively contained, the platform’s role as a central hub for vulnerability data makes it a high-value target for attackers seeking to disrupt the disclosure ecosystem or harvest sensitive intelligence. Maintaining strict access controls and transparent reporting mechanisms remains critical for preserving trust and ensuring the integrity of the bug bounty process across its global user base.

Top products by HackerOne: sequelize node module hapi node module RubyGems coffeescript node module sanitize-html node module serve node module i18next node module crud-file-server node module marked node module html-janitor node module private_address_check ruby gem m-server express-cart ws node module remarkable node module Nextcloud Server liyujing node module serverwzl node module npm-script-demo node module pandora-doomsday node module rtcmulticonnection-client node module dcserver node module tmock node module node-server-forfront node module welcomyzt node module pooledwebsocket node module cuciuci node module forwarded node module parsejson node module fresh node module
CVE IDTitleCVSSSeverityPublished
CVE-2015-9243 hapi node模块安全漏洞 — hapi node moduleCWE-284 6.8 -2018-05-29
CVE-2015-9244 mysql node模块SQL注入漏洞 — mysql node moduleCWE-89 9.8 -2018-05-29
CVE-2016-10525 hapi-auth-jwt2 安全漏洞 — hapi-auth-jwt2 node module 9.8 -2018-05-29
CVE-2016-10551 waterline-sequel 安全漏洞 — waterline-sequel node moduleCWE-89 9.8 -2018-05-29
CVE-2016-10556 sequelize SQL注入漏洞 — sequelize node moduleCWE-89 9.1 -2018-05-29
CVE-2016-10558 aerospike 安全漏洞 — aerospike node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10559 selenium-download 安全漏洞 — selenium-download node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10566 install-nw 安全漏洞 — install-nw node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10567 install-nw 安全漏洞 — product-monitor node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10568 geoip-lite-country 安全漏洞 — geoip-lite-country node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10570 pngcrush-installer 安全漏洞 — pngcrush-installer node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10573 baryton-saxophone 安全漏洞 — baryton-saxophone node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10577 ibm_db 安全漏洞 — ibm_db node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10578 unicode 安全漏洞 — unicode node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10584 dalek-browser-chrome-canary 安全漏洞 — dalek-browser-chrome-canary node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10586 macaca-chromedriver 安全漏洞 — macaca-chromedriver node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10589 selenium-binaries 安全漏洞 — selenium-binaries node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10590 cue-sdk-node 安全漏洞 — cue-sdk-node node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10591 Prince 安全漏洞 — prince node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10593 ibapi 安全漏洞 — ibapi node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10601 webdrvr 安全漏洞 — webdrvr node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10611 strider-sauce 安全漏洞 — strider-sauce node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10627 scala-bin 安全漏洞 — scala-bin node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10635 broccoli-closure 安全漏洞 — broccoli-closure node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10650 ntfserver 安全漏洞 — ntfserver node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10658 native-opencv 安全漏洞 — native-opencv node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10659 poco 安全漏洞 — poco node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10666 tomita-parser 安全漏洞 — tomita-parser node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10674 limbus-buildgen 安全漏洞 — limbus-buildgen node moduleCWE-311 8.1 -2018-05-29
CVE-2016-10679 selenium-standalone-painful 安全漏洞 — selenium-standalone-painful node moduleCWE-311 8.1 -2018-05-29

This page lists every published CVE security advisory associated with HackerOne. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.