Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

HackerOne — Vulnerabilities & Security Advisories 470

Browse all 470 CVE security advisories affecting HackerOne. AI-powered Chinese analysis, POCs, and references for each vulnerability.

HackerOne operates a crowdsourced vulnerability disclosure platform, connecting organizations with ethical hackers to identify and remediate security flaws before malicious exploitation. The platform’s extensive record of 470 CVEs highlights a diverse attack surface, with historically common vulnerability classes including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation. These defects often stem from complex API integrations and web application logic errors inherent in its SaaS infrastructure. Notable security characteristics involve its reliance on third-party researchers, which introduces both robust coverage and potential insider threat vectors. While major public incidents have been relatively contained, the platform’s role as a central hub for vulnerability data makes it a high-value target for attackers seeking to disrupt the disclosure ecosystem or harvest sensitive intelligence. Maintaining strict access controls and transparent reporting mechanisms remains critical for preserving trust and ensuring the integrity of the bug bounty process across its global user base.

Top products by HackerOne: sequelize node module hapi node module RubyGems coffeescript node module sanitize-html node module serve node module i18next node module crud-file-server node module marked node module html-janitor node module private_address_check ruby gem m-server express-cart ws node module remarkable node module Nextcloud Server liyujing node module serverwzl node module npm-script-demo node module pandora-doomsday node module rtcmulticonnection-client node module dcserver node module tmock node module node-server-forfront node module welcomyzt node module pooledwebsocket node module cuciuci node module forwarded node module parsejson node module fresh node module
CVE IDTitleCVSSSeverityPublished
CVE-2017-16223 nodeaaaaa 路径遍历漏洞 — nodeaaaaa node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16222 elding 路径遍历漏洞 — elding node moduleCWE-22 5.3 -2018-06-07
CVE-2017-16221 yzt 路径遍历漏洞 — yzt node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16220 wind-mvc 路径遍历漏洞 — wind-mvc node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16219 yttivy 路径遍历漏洞 — yttivy node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16218 dgard8.lab6 路径遍历漏洞 — dgard8.lab6 node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16217 fbr-client 路径遍历漏洞 — fbr-client node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16216 tencent-server 路径遍历漏洞 — tencent-server node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16215 sgqserve 路径遍历漏洞 — sgqserve node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16214 peiserver 路径遍历漏洞 — peiserver node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16213 mfrserver 路径遍历漏洞 — mfrserver node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16212 ltt 路径遍历漏洞 — ltt node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16211 lessindex 路径遍历漏洞 — lessindex node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16210 jn_jj_server 路径遍历漏洞 — jn_jj_server node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16209 enserver 路径遍历漏洞 — enserver node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16208 dmmcquay.lab6 路径遍历漏洞 — dmmcquay.lab6 node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16207 discordi.js 安全漏洞 — discordi.js node moduleCWE-506 7.3 -2018-06-07
CVE-2017-16205 coffescript模块安全漏洞 — coffeescript node moduleCWE-506 7.5 -2018-06-07
CVE-2017-16173 utahcityfinder 路径遍历漏洞 — utahcityfinder node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16168 wffserve 路径遍历漏洞 — wffserve node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16169 looppake 路径遍历漏洞 — looppake node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16170 liuyaserver 路径遍历漏洞 — liuyaserver node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16171 hcbserver 路径遍历漏洞 — hcbserver node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16172 section2.madisonjbrooks12 路径遍历漏洞 — section2.madisonjbrooks12 node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16176 jansenstuffpleasework 路径遍历漏洞 — jansenstuffpleasework node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16178 intsol-package 路径遍历漏洞 — intsol-package node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16177 chatbyvista 路径遍历漏洞 — chatbyvista node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16167 yyooopack 路径遍历漏洞 — yyooopack node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16175 ewgaddis.lab6 路径遍历漏洞 — ewgaddis.lab6 node moduleCWE-22 7.5 -2018-06-07
CVE-2017-16174 whispercast 路径遍历漏洞 — whispercast node moduleCWE-22 7.5 -2018-06-07

This page lists every published CVE security advisory associated with HackerOne. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.