Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

HackerOne — Vulnerabilities & Security Advisories 470

Browse all 470 CVE security advisories affecting HackerOne. AI-powered Chinese analysis, POCs, and references for each vulnerability.

HackerOne operates a crowdsourced vulnerability disclosure platform, connecting organizations with ethical hackers to identify and remediate security flaws before malicious exploitation. The platform’s extensive record of 470 CVEs highlights a diverse attack surface, with historically common vulnerability classes including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation. These defects often stem from complex API integrations and web application logic errors inherent in its SaaS infrastructure. Notable security characteristics involve its reliance on third-party researchers, which introduces both robust coverage and potential insider threat vectors. While major public incidents have been relatively contained, the platform’s role as a central hub for vulnerability data makes it a high-value target for attackers seeking to disrupt the disclosure ecosystem or harvest sensitive intelligence. Maintaining strict access controls and transparent reporting mechanisms remains critical for preserving trust and ensuring the integrity of the bug bounty process across its global user base.

Top products by HackerOne: sequelize node module hapi node module RubyGems coffeescript node module sanitize-html node module serve node module i18next node module crud-file-server node module marked node module html-janitor node module private_address_check ruby gem m-server express-cart ws node module remarkable node module Nextcloud Server liyujing node module serverwzl node module npm-script-demo node module pandora-doomsday node module rtcmulticonnection-client node module dcserver node module tmock node module node-server-forfront node module welcomyzt node module pooledwebsocket node module cuciuci node module forwarded node module parsejson node module fresh node module
CVE IDTitleCVSSSeverityPublished
CVE-2017-16168 wffserve 路径遍历漏洞 — wffserve node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16169 looppake 路径遍历漏洞 — looppake node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16170 liuyaserver 路径遍历漏洞 — liuyaserver node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16171 hcbserver 路径遍历漏洞 — hcbserver node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16172 section2.madisonjbrooks12 路径遍历漏洞 — section2.madisonjbrooks12 node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16173 utahcityfinder 路径遍历漏洞 — utahcityfinder node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16174 whispercast 路径遍历漏洞 — whispercast node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16175 ewgaddis.lab6 路径遍历漏洞 — ewgaddis.lab6 node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16176 jansenstuffpleasework 路径遍历漏洞 — jansenstuffpleasework node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16177 chatbyvista 路径遍历漏洞 — chatbyvista node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16178 intsol-package 路径遍历漏洞 — intsol-package node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16180 serverabc 路径遍历漏洞 — serverabc node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16204 jquey模块安全漏洞 — jquey node moduleCWE-506 7.5 -2018-06-07
CVE-2017-16202 cofeescript模块安全漏洞 — coffeescript node moduleCWE-506 7.5 -2018-06-07
CVE-2017-16201 zjjserver 路径遍历漏洞 — zjjserver node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16200 uv-tj-demo 路径遍历漏洞 — uv-tj-demo node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16179 dasafio 路径遍历漏洞 — dasafio node moduleCWE-22 5.3 -2018-06-07
CVE-2017-16199 susu-sum 路径遍历漏洞 — susu-sum node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16197 qinserve 路径遍历漏洞 — qinserve node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16196 quickserver 路径遍历漏洞 — quickserver node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16195 pytservce 路径遍历漏洞 — pytservce node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16194 picard 路径遍历漏洞 — picard node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16193 mfrs 路径遍历漏洞 — mfrs node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16191 cypserver 路径遍历漏洞 — cypserver node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16181 wintiwebdev 路径遍历漏洞 — wintiwebdev node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16182 serverxxx 路径遍历漏洞 — serverxxx node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16184 scott-blanch-weather-app 路径遍历漏洞 — scott-blanch-weather-app node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16185 uekw1511server 路径遍历漏洞 — uekw1511server node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16186 360class.jansenhm 路径遍历漏洞 — 360class.jansenhm node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16188 reecerver 路径遍历漏洞 — reecerver node moduleCWE-22 7.5 -2018-06-07

This page lists every published CVE security advisory associated with HackerOne. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.