目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

漏洞赏金情报

数据来源:HackerOne 公开披露报告 · 每 6 小时更新

浏览 HackerOne 平台公开披露的漏洞赏金报告,按严重程度、漏洞类型或目标项目筛选,关联 CVE 编号。

已披露报告
12,221
关联 CVE
1,854
参与项目数
342
近 7 天新增
6
严重度: All CriticalHighMediumLow
类型: 全部 Information Disclosure 1173 Cross-site Scripting (XSS) … 747 Violation of Secure Design … 719 Improper Access Control - Generic 656 Improper Authentication - Generic 652 Cross-site Scripting (XSS) … 513 Uncontrolled Resource Consumption 483 Cross-site Scripting (XSS) … 461 Cross-Site Request Forgery (CSRF) 421 Privilege Escalation 375
Range#initialize_copy null pointer dereference
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2016-12-17
Undefined method_missing null pointer dereference
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2016-12-17
Range constructor type confusion DoS
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2016-12-17
Null target_class DoS
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2016-12-17
Segfault in mruby, mruby_engine and the parent MRI Ruby due to null pointer dereference
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2016-12-16
Segfault and/or potential unwanted (byte)code execution with "break" and "||=" inside a loop
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2016-12-16
Type confusion in mrb_exc_set leading to memory corruption
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
Critical
2016-12-16
Exception cause SIGABRT
shopify-scripts Uncontrolled Resource Consumption (CWE-400)
High
2016-12-16
Password Forgot/Password Reset Request Bug
Pushwoosh Uncontrolled Resource Consumption (CWE-400)
High
2016-11-16
Denial of service(POP UP Recursion) on Brave browser
Brave Software Uncontrolled Resource Consumption (CWE-400)
Medium
2016-11-07
Denial of service attack(window object) on brave browser
Brave Software Uncontrolled Resource Consumption (CWE-400)
Medium
2016-10-25
DOS in browser using window.print() function
Brave Software Uncontrolled Resource Consumption (CWE-400)
Unknown
2016-10-20
Slow Http attack on nextcloud(DOS)
Nextcloud Uncontrolled Resource Consumption (CWE-400)
Unknown
2016-10-05
Issues with uploading list images
Instacart Uncontrolled Resource Consumption (CWE-400)
Unknown
2016-09-26
Arbitrary SQL query execution and reflected XSS in the "SQL Query Form"
ExpressionEngine Uncontrolled Resource Consumption (CWE-400)
Unknown
2016-08-18
[rev-app.informatica.com] - XXE
Informatica Uncontrolled Resource Consumption (CWE-400)
High
2016-08-02
help.nextcloud.com: Known DoS condition (null pointer deref) in Nginx running
Nextcloud Uncontrolled Resource Consumption (CWE-400)CVE-2016-4450
Unknown
2016-07-27
No email verification required when we change email from settings
FantasyTote Uncontrolled Resource Consumption (CWE-400)
Unknown
2016-07-23
Header Injection
Uber Uncontrolled Resource Consumption (CWE-400)
Unknown
2016-07-08
Email spoofing in support@veris.in
Veris Uncontrolled Resource Consumption (CWE-400)
Unknown
2016-07-05
高频漏洞类型
最活跃项目
项目报告数最高赏金
U.S. Dept Of Defense896
Internet Bug Bounty817
HackerOne609
Nextcloud582
Shopify464
curl440
Node.js third-party modules307
GitLab258 $13,950
X / xAI250 $2,500
Uber239