January 20, 2023
Title
Adobe Flash Player ShimContentResolver.configure Memory Corruption Vulnerability
URL
https://hackerone.com/reports/145267
Severity score
null
Reporter
hhj4ck
Bounty paid
$2,000
Title
integer overflow in preg_quote caused heap corruption
URL
https://hackerone.com/reports/167907
Severity score
null
Reporter
minhrau
Bounty paid
$500
Title
NULL Pointer Dereference in WDDX Packet Deserialization with PDORow
URL
https://hackerone.com/reports/180908
Severity score
null
Reporter
ryat
Bounty paid
$500
Title
ldap_escape could produce string larger than 2Gb
URL
https://hackerone.com/reports/168029
Severity score
null
Reporter
jot
Bounty paid
$500
Title
integer overflow in str_pad caused heap corruption
URL
https://hackerone.com/reports/167903
Severity score
null
Reporter
minhrau
Bounty paid
$500
Title
risk of having secure=false in a crossdomain.xml
URL
https://hackerone.com/reports/105463
Severity score
null
Reporter
hacker00000000
Bounty paid
$150
Title
integer overflow in xml_utf8_encode
URL
https://hackerone.com/reports/167921
Severity score
null
Reporter
ahihi
Bounty paid
$500
Title
Adobe Flash Player FileReference Use-after-Free Vulnerability
URL
https://hackerone.com/reports/12497
Severity score
null
Reporter
hhj4ck
Bounty paid
$7,500
Title
Use After Free Vulnerability in SNMP with GC and unserialize()
URL
https://hackerone.com/reports/152266
Severity score
null
Reporter
ryat
Bounty paid
$1,000
Title
Integer overflow in wordwrap
URL
https://hackerone.com/reports/113268
Severity score
null
Reporter
jakkdu
Bounty paid
$500
Title
Memory corruption due to missing check size in _php_math_number_format_ex()
URL
https://hackerone.com/reports/180572
Severity score
null
Reporter
fosec
Bounty paid
$500
Title
No Rate Limitation on Promo Code
URL
https://hackerone.com/reports/123091
Severity score
null
Reporter
daniyal_nasir
Bounty paid
null
Title
Ruby 2.3.x and 2.2.x still bundle DoS vulnerable version of libYAML
URL
https://hackerone.com/reports/235842
Severity score
5.3
Reporter
usa
Bounty paid
null
Title
Crash: calling Proc::initialize_copy with a Proc instance where initialize never ran leads to a crash
URL
https://hackerone.com/reports/184857
Severity score
null
Reporter
brakhane
Bounty paid
$8,000
Title
napi_get_value_string_X allow various kinds of memory corruption
URL
https://hackerone.com/reports/784186
Severity score
8.5
Reporter
tniessen
Bounty paid
$250
Title
Heap corruption via memarea.c
URL
https://hackerone.com/reports/138025
Severity score
null
Reporter
guido
Bounty paid
$300
Title
Invalid memory access in spl_filesystem_info_set_filename function
URL
https://hackerone.com/reports/180592
Severity score
null
Reporter
jot
Bounty paid
$500
Title
CVE-2017-5342 In tcpdump before 4.9.0 a bug in multiple protocol parsers could cause a buffer overflow in print-ether.c:ether_print()
URL
https://hackerone.com/reports/202968
Severity score
7.3
Reporter
geeknik
Bounty paid
$500
Title
NULL Pointer Dereference while unserialize php object
URL
https://hackerone.com/reports/195688
Severity score
null
Reporter
hoangnguyen
Bounty paid
$500
Title
imagescale out-of-bounds read
URL
https://hackerone.com/reports/141202
Severity score
null
Reporter
fms
Bounty paid
$500
Title
SIGSEGV on mruby's mark_tbl() (Invalid memory access)
URL
https://hackerone.com/reports/183239
Severity score
null
Reporter
jpenalbae
Bounty paid
$8,000
Title
Adobe Flash Player Regular Expression UAF Remote Code Execution Vulnerability
URL
https://hackerone.com/reports/139879
Severity score
null
Reporter
bee13oy
Bounty paid
$5,000
Title
Sender policy framework (SPF) records evaluation return (Too many DNS lookups) error
URL
https://hackerone.com/reports/119033
Severity score
null
Reporter
hacker00000000
Bounty paid
null
Title
crash in gzcompress and 3 other compress functions
URL
https://hackerone.com/reports/180109
Severity score
null
Reporter
jot
Bounty paid
$500
Title
wddx_deserialize allows illegal memory access
URL
https://hackerone.com/reports/161200
Severity score
null
Reporter
fms
Bounty paid
$500
Title
Malformed .WAV triggers an Access Violation on GoldSRC (hl.exe)
URL
https://hackerone.com/reports/495789
Severity score
null
Reporter
chippy
Bounty paid
$200
Title
crash in bzcompress function
URL
https://hackerone.com/reports/180111
Severity score
null
Reporter
jot
Bounty paid
$500
Title
[w1.dwar.ru] Core Dump
URL
https://hackerone.com/reports/99686
Severity score
null
Reporter
bigbear_
Bounty paid
null
Title
Assertion `col >= 0 && col < line->cols' failed, process aborted while streaming output from remote server
URL
https://hackerone.com/reports/503821
Severity score
null
Reporter
geeknik
Bounty paid
$283.83
Title
Use After Free in unserialize()
URL
https://hackerone.com/reports/198732
Severity score
null
Reporter
ryat
Bounty paid
$500
Title
Use After Free/Double Free in Garbage Collection
URL
https://hackerone.com/reports/152281
Severity score
null
Reporter
ryat
Bounty paid
$500
Title
Yet another Buffer Overflow in PHP of the AirMax Products
URL
https://hackerone.com/reports/74025
Severity score
null
Reporter
93c08539
Bounty paid
$500
Title
forgot to add the patch
URL
https://hackerone.com/reports/203595
Severity score
null
Reporter
soreks
Bounty paid
$800
Title
ZeroMQ libzmq remote code execution
URL
https://hackerone.com/reports/477073
Severity score
8.8
Reporter
guido
Bounty paid
$1,000
Title
Race condition in Flash workers may cause an exploitable double free
URL
https://hackerone.com/reports/37240
Severity score
null
Reporter
biloulehibou
Bounty paid
$10,000
Title
malloc negative size parameter
URL
https://hackerone.com/reports/181073
Severity score
null
Reporter
ahihi
Bounty paid
$500
Title
StringIO strio_getline() can divulge arbitrary memory
URL
https://hackerone.com/reports/144482
Severity score
null
Reporter
guido
Bounty paid
$500
Title
Adobe Flash Player ASnative(900,1).call(TextField) Use-After-Free Vulnerability
URL
https://hackerone.com/reports/119655
Severity score
null
Reporter
hhj4ck
Bounty paid
$2,000
Title
xml_parse_into_struct segmentation fault
URL
https://hackerone.com/reports/135294
Severity score
null
Reporter
fms
Bounty paid
$500
Title
Recursion causing uninitialized memory reads leading to a segfault
URL
https://hackerone.com/reports/201897
Severity score
null
Reporter
dgaletic
Bounty paid
$2,000
Title
Crash: mrb_any_to_s can't handle NilClass, Symbol and Fixnum
URL
https://hackerone.com/reports/185794
Severity score
null
Reporter
brakhane
Bounty paid
$8,000
Title
gdImageTrueColorToPaletteBody allows arbitrary write/read access
URL
https://hackerone.com/reports/153776
Severity score
null
Reporter
fms
Bounty paid
$500
Title
Use-after-free during XML transformations (MFSA-2016-27)
URL
https://hackerone.com/reports/126797
Severity score
null
Reporter
agarri_fr
Bounty paid
$300
Title
Multiple vulnerabilities related to PCRE functions (already fixed)
URL
https://hackerone.com/reports/141839
Severity score
null
Reporter
mongo
Bounty paid
$500
Title
heap overflow in substr_replace
URL
https://hackerone.com/reports/167904
Severity score
null
Reporter
minhrau
Bounty paid
$500
Title
Integer underflow / arbitrary null write in fread/gzread
URL
https://hackerone.com/reports/141212
Severity score
null
Reporter
fms
Bounty paid
$500
Title
Heap Overflow Due To Integer Overflow
URL
https://hackerone.com/reports/146360
Severity score
null
Reporter
hoangnguyen
Bounty paid
$1,000
Title
SIGABRT in mrb_debug_info_append_file
URL
https://hackerone.com/reports/215967
Severity score
null
Reporter
ston3
Bounty paid
$800
Title
Uninitialized pointer in phar_make_dirstream()
URL
https://hackerone.com/reports/109843
Severity score
null
Reporter
l4w
Bounty paid
$1,000
Title
wddx_deserialize null dereference with invalid xml
URL
https://hackerone.com/reports/161198
Severity score
null
Reporter
fms
Bounty paid
$500
Title
BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption (CVE-2016-0797)
URL
https://hackerone.com/reports/119873
Severity score
null
Reporter
guido
Bounty paid
$500
Title
Use After Free in str_replace
URL
https://hackerone.com/reports/193143
Severity score
null
Reporter
tunz
Bounty paid
$800
Title
Ruby 2.4.1 has "Stack consistency error" and aborts when processing return statement within a case statement
URL
https://hackerone.com/reports/247640
Severity score
null
Reporter
haquaman
Bounty paid
null
Title
integer overflow in pg_escape_string caused heap corruption
URL
https://hackerone.com/reports/167901
Severity score
null
Reporter
minhrau
Bounty paid
$500
Title
Race condition in workers may cause an exploitable double free by abusing bytearray.compress()
URL
https://hackerone.com/reports/47227
Severity score
null
Reporter
biloulehibou
Bounty paid
$10,000
Title
wddx_deserialize null dereference in php_wddx_pop_element
URL
https://hackerone.com/reports/161217
Severity score
null
Reporter
fms
Bounty paid
$500
Title
CVE-2016-0799 memory issues in BIO_*printf functions
URL
https://hackerone.com/reports/118855
Severity score
null
Reporter
guido
Bounty paid
$500
Title
Adobe Flash Player Out-of-Bound Read/Write Vulnerability
URL
https://hackerone.com/reports/31408
Severity score
null
Reporter
hhj4ck
Bounty paid
$5,000
Title
SIGABRT - in free
URL
https://hackerone.com/reports/216725
Severity score
null
Reporter
ston3
Bounty paid
$800
Title
Incorrect GC behavior in xxlimited could lead to use-after-free
URL
https://hackerone.com/reports/203002
Severity score
null
Reporter
zeroinside
Bounty paid
$500
Title
Yahoo! Messenger v11.5.0.228 emoticons.xml shortcut Value Handling Stack-Based Buffer Overflow
URL
https://hackerone.com/reports/10767
Severity score
null
Reporter
mrtuxracer
Bounty paid
null
Title
Heap Buffer Overflow
URL
https://hackerone.com/reports/150626
Severity score
null
Reporter
b6945caf98f2f809b8e6ece
Bounty paid
$500
Title
Use After Free in unserialize() with Unexpected Session Deserialization
URL
https://hackerone.com/reports/152267
Severity score
null
Reporter
ryat
Bounty paid
$1,000
Title
SEGV on ary_concat
URL
https://hackerone.com/reports/296198
Severity score
null
Reporter
ahihi
Bounty paid
$800
Title
Arbitrary heap exposure in JSON.generate
URL
https://hackerone.com/reports/209949
Severity score
null
Reporter
ahmadsherif
Bounty paid
$500
Title
NULL Pointer Dereference in exif_process_user_comment
URL
https://hackerone.com/reports/152232
Severity score
null
Reporter
hoangnguyen
Bounty paid
$500
Title
An integer overflow bug in php_str_to_str_ex() led arbitrary code execution.
URL
https://hackerone.com/reports/113122
Severity score
null
Reporter
blue9057
Bounty paid
$500
Title
Email Authentication Bypass
URL
https://hackerone.com/reports/135283
Severity score
null
Reporter
khoujaahmed
Bounty paid
null
Title
Session Management Issue CMS Airship
URL
https://hackerone.com/reports/148914
Severity score
null
Reporter
ahsan
Bounty paid
null
Title
integer overflow in bzdecompress caused heap corruption
URL
https://hackerone.com/reports/159955
Severity score
null
Reporter
minhrau
Bounty paid
$500
Title
Heap Buffer Overflow in escapeshellargs and escapeshellcmd functions
URL
https://hackerone.com/reports/110722
Severity score
null
Reporter
libnex
Bounty paid
$500
Title
stack-buffer-overflow through "ResourceBundle" methods
URL
https://hackerone.com/reports/175316
Severity score
null
Reporter
fms
Bounty paid
$500
Title
openssl_seal() uninitialized memory usage
URL
https://hackerone.com/reports/114414
Severity score
null
Reporter
51201
Bounty paid
$1,000
Title
Spam Someone using (user.saveInvite) system
URL
https://hackerone.com/reports/182089
Severity score
null
Reporter
madrobot
Bounty paid
null
Title
JSBeautifier BApp: Race condition leads to memory disclosure
URL
https://hackerone.com/reports/187134
Severity score
8.8
Reporter
jelmer
Bounty paid
null
Title
Crossdomain.xml settings on api.imgur.com too open
URL
https://hackerone.com/reports/91604
Severity score
null
Reporter
kiraak-boy
Bounty paid
$50
Title
Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
URL
https://hackerone.com/reports/147125
Severity score
null
Reporter
gogil
Bounty paid
$500
Title
Session WDDX Packet Deserialization Type Confusion Vulnerability
URL
https://hackerone.com/reports/108683
Severity score
null
Reporter
ryat
Bounty paid
$500
Title
gzuncompress does NOT check output string size which leads to an overflow
URL
https://hackerone.com/reports/168028
Severity score
null
Reporter
jot
Bounty paid
$500
Title
SIGSEGV mrb_obj_freeze() Manipulating Register RAX and RSI
URL
https://hackerone.com/reports/191994
Severity score
null
Reporter
ston3
Bounty paid
$800
Title
Buffer Overflow in PHP of the AirMax Products
URL
https://hackerone.com/reports/73491
Severity score
null
Reporter
93c08539
Bounty paid
$250
Title
CVE-2017-5484 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print()
URL
https://hackerone.com/reports/202967
Severity score
7.3
Reporter
geeknik
Bounty paid
$500
Title
Heap Overflow due to integer overflows
URL
https://hackerone.com/reports/159988
Severity score
null
Reporter
knight9
Bounty paid
$500
Title
Negative size parameter (-1) in memcpy mbfl_strcut
URL
https://hackerone.com/reports/127242
Severity score
null
Reporter
fms
Bounty paid
$1,000
Title
Malformed .MDL triggers an Access Violation on GoldSRC (hl.exe)
URL
https://hackerone.com/reports/495793
Severity score
null
Reporter
chippy
Bounty paid
$2,000
Title
integer overflow in pg_escape_bytea caused heap corruption
URL
https://hackerone.com/reports/167905
Severity score
null
Reporter
minhrau
Bounty paid
$500
Title
Heap overflow in mysqlnd related to BIT fields (CVE-2016-7412)
URL
https://hackerone.com/reports/176279
Severity score
null
Reporter
mongo
Bounty paid
$1,000
Title
_php_mb_regex_ereg_replace_exec - double free
URL
https://hackerone.com/reports/146200
Severity score
null
Reporter
51201
Bounty paid
$500
Title
Write out-of-bounds at number_format
URL
https://hackerone.com/reports/175310
Severity score
null
Reporter
fms
Bounty paid
$500
Title
heap-buffer-overflow (buffer read overrun) in curl: ourWriteOut() src/tool_writeout.c:115
URL
https://hackerone.com/reports/212931
Severity score
null
Reporter
geeknik
Bounty paid
null
Title
CVE-2016-2177 Undefined pointer arithmetic in SSL code
URL
https://hackerone.com/reports/142472
Severity score
null
Reporter
guido
Bounty paid
$500
Title
Use of uninitialized value in token_check_object (src/or/parsecommon.c:224)
URL
https://hackerone.com/reports/276255
Severity score
null
Reporter
geeknik
Bounty paid
null
Title
SIGABRT - method_missing - mark_context_stack
URL
https://hackerone.com/reports/205284
Severity score
null
Reporter
ston3
Bounty paid
$100
Title
Exposed, outdated nginx server (v1.4.6) potentially vulnerable to heap-based buffer overflow & RCE
URL
https://hackerone.com/reports/168485
Severity score
null
Reporter
cha5m
Bounty paid
$50
Title
3 heap corruptions in PHP
URL
https://hackerone.com/reports/188102
Severity score
null
Reporter
minhrau
Bounty paid
$1,500
Title
Crash: Overwriting NoMethodError with a builtin class crashes/corrupts memory
URL
https://hackerone.com/reports/186723
Severity score
null
Reporter
brakhane
Bounty paid
$10,000
Title
Race Conditions in Popular reports feature.
URL
https://hackerone.com/reports/146845
Severity score
null
Reporter
shmoo
Bounty paid
$500
Title
iconv() function missing string length check
URL
https://hackerone.com/reports/180112
Severity score
null
Reporter
jot
Bounty paid
$500
Title
potential memory corruption in or/buffers.c (particularly on 32 bit)
URL
https://hackerone.com/reports/163459
Severity score
null
Reporter
guido
Bounty paid
$100
Title
Double free vulnerability in Flash Player Settings Manager (CVE-2015-0346)
URL
https://hackerone.com/reports/56385
Severity score
null
Reporter
jouko
Bounty paid
$5,000
Title
Invalid memory access in spl_filesystem_dir_open function
URL
https://hackerone.com/reports/180590
Severity score
null
Reporter
jot
Bounty paid
$500
Title
Parsing invalid unicode codepoints using json c extension (2.0.1+) triggers a segfault
URL
https://hackerone.com/reports/198927
Severity score
null
Reporter
dgollahon
Bounty paid
null
Title
bcpowmod accepts negative scale and corrupts one definition
URL
https://hackerone.com/reports/135293
Severity score
null
Reporter
fms
Bounty paid
$500
Title
Missing type check when unserializing SplArray
URL
https://hackerone.com/reports/167977
Severity score
null
Reporter
ahihi
Bounty paid
$500
Title
SIGSEGV in mrb_vm_exec
URL
https://hackerone.com/reports/196380
Severity score
null
Reporter
ston3
Bounty paid
$800
Title
Email spoofing in security@paragonie.com
URL
https://hackerone.com/reports/148763
Severity score
null
Reporter
ahsan
Bounty paid
null
Title
Use After Free Vulnerability in unserialize()
URL
https://hackerone.com/reports/159948
Severity score
null
Reporter
ryat
Bounty paid
$500
Title
Adobe Flash Player TextField Use-After-Free Vulnerability
URL
https://hackerone.com/reports/122254
Severity score
null
Reporter
hhj4ck
Bounty paid
$2,000
Title
CVE-2016-4796 OpenJPEG color_cmyk_to_rgb Out-of-Bounds Read Vulnerability
URL
https://hackerone.com/reports/167955
Severity score
null
Reporter
hacker2nd
Bounty paid
null
Title
An integer overflow bug in php_implode() could lead heap overflow, make PHP to crash
URL
https://hackerone.com/reports/113120
Severity score
null
Reporter
blue9057
Bounty paid
$500
Title
select_colors write out-of-bounds
URL
https://hackerone.com/reports/161189
Severity score
null
Reporter
fms
Bounty paid
$1,000
Title
Memory corruption in _php_math_number_format_ex()
URL
https://hackerone.com/reports/180562
Severity score
null
Reporter
fosec
Bounty paid
$500
Title
Use of uninitialized value in networkstatus_parse_vote_from_string (src/or/routerparse.c:3533)
URL
https://hackerone.com/reports/276253
Severity score
null
Reporter
geeknik
Bounty paid
null
Title
EVP_EncodeUpdate overflow (CVE-2016-2105)
URL
https://hackerone.com/reports/135944
Severity score
null
Reporter
guido
Bounty paid
$500
Title
mruby-time: Crash host with uninitialized Time obj
URL
https://hackerone.com/reports/184661
Severity score
null
Reporter
brakhane
Bounty paid
$8,000
Title
nginx SPDY heap buffer overflow for https://grtp.co/
URL
https://hackerone.com/reports/116352
Severity score
null
Reporter
anonymous_ftpuser
Bounty paid
null
Title
Adobe Flash Player ASnative(101,10) Memory Corruption Vulnerability
URL
https://hackerone.com/reports/119652
Severity score
null
Reporter
hhj4ck
Bounty paid
$5,000
Title
Adobe Flash Player ShimOpportunityGenerator class Memory Corruption Vulnerability
URL
https://hackerone.com/reports/145269
Severity score
null
Reporter
hhj4ck
Bounty paid
$2,000
Title
Type Confusion in Object Deserialization
URL
https://hackerone.com/reports/198733
Severity score
null
Reporter
ryat
Bounty paid
$500
Title
heap-buffer-overflow (write) simplestring_addn simplestring.c
URL
https://hackerone.com/reports/153863
Severity score
null
Reporter
pjumde
Bounty paid
$500
Title
Heap corruption in string.c tr_trans() due to undersized buffer
URL
https://hackerone.com/reports/144485
Severity score
null
Reporter
guido
Bounty paid
null
Title
Adobe Flash Player ContentFactory class Memory Corruption Vulnerability
URL
https://hackerone.com/reports/138516
Severity score
null
Reporter
hhj4ck
Bounty paid
$2,000
Title
Adobe Flash Player OpportunityGenerator class Memory Corruption Vulnerability
URL
https://hackerone.com/reports/138518
Severity score
null
Reporter
hhj4ck
Bounty paid
$2,000
Title
Adobe Flash Player MP4 Use-After-Free Vulnerability
URL
https://hackerone.com/reports/30567
Severity score
null
Reporter
hhj4ck
Bounty paid
$2,000
Title
imagegif/output out-of-bounds access
URL
https://hackerone.com/reports/152784
Severity score
null
Reporter
fms
Bounty paid
$500
Title
crash in implode() function
URL
https://hackerone.com/reports/180110
Severity score
null
Reporter
jot
Bounty paid
$500
Title
type confusion in Sass::ParserState::ParserState(Sass::ParserState const&)
URL
https://hackerone.com/reports/66724
Severity score
null
Reporter
richo
Bounty paid
null
Title
Memory disclosure in timegm
URL
https://hackerone.com/reports/192896
Severity score
null
Reporter
volc
Bounty paid
$1,000
Title
crash in get_icu_value_internal function
URL
https://hackerone.com/reports/180113
Severity score
null
Reporter
jot
Bounty paid
$500
Title
CVE-2016-1924 OpenJPEG opj_tgt_reset Out-of-Bounds Read Vulnerability
URL
https://hackerone.com/reports/167957
Severity score
null
Reporter
hacker2nd
Bounty paid
null
Title
puttygen: 160MB memory leak while trying to extract openssh public key from crafted key file
URL
https://hackerone.com/reports/484930
Severity score
3.1
Reporter
geeknik
Bounty paid
$286.22
Title
imagegammacorrect allows arbitrary write access
URL
https://hackerone.com/reports/161193
Severity score
null
Reporter
fms
Bounty paid
$1,000
Title
Adobe Flash Player Uninitialised Memory Corruption
URL
https://hackerone.com/reports/122256
Severity score
null
Reporter
riusksk
Bounty paid
$2,000
Title
Heap Overflow in mrb_arb_splice
URL
https://hackerone.com/reports/192362
Severity score
null
Reporter
tunz
Bounty paid
$800
Title
Crash: A call to Symbol.new leads to a crash when inspecting the resulting object
URL
https://hackerone.com/reports/185957
Severity score
null
Reporter
brakhane
Bounty paid
$1,000
Title
Heap overflow due to integer overflow in bzdecompress() function
URL
https://hackerone.com/reports/180563
Severity score
null
Reporter
fosec
Bounty paid
$500
Title
Use After Free in Flash MessageChannel.send can cause arbitrary code execution
URL
https://hackerone.com/reports/47234
Severity score
null
Reporter
biloulehibou
Bounty paid
$7,500
Title
Misusing of FPU Instruction Could Cause Security Vulnerabilities in Adobe Flash Player
URL
https://hackerone.com/reports/66962
Severity score
null
Reporter
yopwn
Bounty paid
$5,000
Title
Use after free during the StageVideoAvailabilityEvent can result in arbitrary code execution
URL
https://hackerone.com/reports/47232
Severity score
null
Reporter
biloulehibou
Bounty paid
$10,000
Title
integer overflow in curl_escape caused heap corruption
URL
https://hackerone.com/reports/159953
Severity score
null
Reporter
minhrau
Bounty paid
$500
Title
Invalid free in phar_extract_file()
URL
https://hackerone.com/reports/146202
Severity score
null
Reporter
hji
Bounty paid
$1,000
Title
A Serious Bug on SIGNUP Process!
URL
https://hackerone.com/reports/7941
Severity score
null
Reporter
faisalahmed
Bounty paid
null
Title
stack buffer overflows in the curses module
URL
https://hackerone.com/reports/159690
Severity score
null
Reporter
tehybel
Bounty paid
$500
Title
LZ4 Core
URL
https://hackerone.com/reports/17688
Severity score
null
Reporter
donb
Bounty paid
$6,000
Title
Out of bounds memory read in unserialize()
URL
https://hackerone.com/reports/200909
Severity score
null
Reporter
hanno
Bounty paid
$500
Title
[tor] libevent dns remote stack overread vulnerability
URL
https://hackerone.com/reports/112632
Severity score
null
Reporter
guido
Bounty paid
$500
Title
Stack-based buffer overflow vulnerability in virtual_file_ex
URL
https://hackerone.com/reports/152280
Severity score
null
Reporter
knight9
Bounty paid
$1,000
Title
Illegal write/read access caused by gdImageAALine overflow
URL
https://hackerone.com/reports/182420
Severity score
null
Reporter
fms
Bounty paid
$500
Title
crash in simplestring_addn function
URL
https://hackerone.com/reports/180589
Severity score
null
Reporter
jot
Bounty paid
$500
Title
Heap buffer overflow with many arguments
URL
https://hackerone.com/reports/204421
Severity score
null
Reporter
titanous
Bounty paid
$800
Title
integer overflow in php_ldap_do_escape caused heap corruption
URL
https://hackerone.com/reports/167902
Severity score
null
Reporter
minhrau
Bounty paid
$500
Title
imap_rfc822_parse_headers GS Violation
URL
https://hackerone.com/reports/170260
Severity score
null
Reporter
fms
Bounty paid
$500
Title
PHP Integer Overflow in gdImageWebpCtx
URL
https://hackerone.com/reports/170619
Severity score
null
Reporter
hacker2nd
Bounty paid
$500
Title
memory allocator fails to realloc small block to large one
URL
https://hackerone.com/reports/159992
Severity score
null
Reporter
tinduong
Bounty paid
$500
Title
Perl 5.22 VDir::MapPathA/W Out-of-bounds Reads and Buffer Over-reads
URL
https://hackerone.com/reports/110352
Severity score
null
Reporter
johnleitch
Bounty paid
$1,000
Title
pass2_no_dither out-of-bounds access
URL
https://hackerone.com/reports/146940
Severity score
null
Reporter
fms
Bounty paid
$500
Title
CachingIterator null dereference when convert to string
URL
https://hackerone.com/reports/176226
Severity score
null
Reporter
ahihi
Bounty paid
$500
Title
Out of bound when verify signature of zip phar in phar_parse_zipfile
URL
https://hackerone.com/reports/167895
Severity score
null
Reporter
hoangnguyen
Bounty paid
$500
Title
wddx_deserialize use-after-free
URL
https://hackerone.com/reports/170144
Severity score
null
Reporter
fms
Bounty paid
$500
Title
no string size restriction on team name
URL
https://hackerone.com/reports/237125
Severity score
null
Reporter
michan
Bounty paid
null
Title
mruby heap use-after-free
URL
https://hackerone.com/reports/206109
Severity score
null
Reporter
mg36
Bounty paid
$800
Title
Heap overflow due to integer overflow in php_escape_html_entities_ex() function
URL
https://hackerone.com/reports/180582
Severity score
null
Reporter
fosec
Bounty paid
$500
Title
memcpy negative parameter _bc_new_num_ex
URL
https://hackerone.com/reports/175312
Severity score
null
Reporter
fms
Bounty paid
$500
Title
gzdecode does NOT check output string size which leads to an overflow
URL
https://hackerone.com/reports/168027
Severity score
null
Reporter
jot
Bounty paid
$500
Title
locale_accept_from_http out-of-bounds access
URL
https://hackerone.com/reports/152782
Severity score
null
Reporter
fms
Bounty paid
$500
Title
Integer Overflow in mrb_ary_set
URL
https://hackerone.com/reports/192235
Severity score
null
Reporter
tunz
Bounty paid
$100
Title
SIGABRT - mrb_realloc_simple - gc.c - line:201
URL
https://hackerone.com/reports/198452
Severity score
null
Reporter
ston3
Bounty paid
$100
Title
Invalid read when wddx decodes empty boolean element
URL
https://hackerone.com/reports/188661
Severity score
null
Reporter
fosec
Bounty paid
$500
Title
Heap overflow due to integer overflow in pg_escape_string() function
URL
https://hackerone.com/reports/180584
Severity score
null
Reporter
fosec
Bounty paid
$500
Title
MISSING SPF RECORDS & MISSING DKIM POLICY
URL
https://hackerone.com/reports/117818
Severity score
null
Reporter
noob-boy
Bounty paid
null
Title
memory corruption in wordwrap function
URL
https://hackerone.com/reports/167910
Severity score
null
Reporter
minhrau
Bounty paid
$500
Title
[tor] libevent dns OOB read
URL
https://hackerone.com/reports/115702
Severity score
null
Reporter
guido
Bounty paid
$200
Title
imagecropauto out-of-bounds access
URL
https://hackerone.com/reports/178144
Severity score
null
Reporter
fms
Bounty paid
$500
Title
Heap corruption in tar/zip/phar parser
URL
https://hackerone.com/reports/110417
Severity score
null
Reporter
l4w
Bounty paid
$1,000
Title
attempting double-free using the mruby compiler mrbc
URL
https://hackerone.com/reports/193517
Severity score
null
Reporter
geeknik
Bounty paid
$800
Title
CVE-2017-5341 The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print()
URL
https://hackerone.com/reports/202965
Severity score
7.3
Reporter
geeknik
Bounty paid
$500
Title
Heap overflow due to off-by-one when expanding stack
URL
https://hackerone.com/reports/194906
Severity score
null
Reporter
titanous
Bounty paid
$800
Title
Memory corruption in mrb_gc_mark
URL
https://hackerone.com/reports/208363
Severity score
7.3
Reporter
minhrau
Bounty paid
$100
Title
Heap corruption in DateTime.strftime() on 32 bit for certain format strings
URL
https://hackerone.com/reports/144484
Severity score
null
Reporter
guido
Bounty paid
null
Title
Missing "size check" on files to upload could make memory leaks.
URL
https://hackerone.com/reports/19532
Severity score
null
Reporter
eth3real
Bounty paid
null
Title
Out-of-bounds reads in zif_grapheme_stripos with negative offset
URL
https://hackerone.com/reports/135291
Severity score
null
Reporter
fms
Bounty paid
$500
Title
Invalid memory access in zend_strtod() function
URL
https://hackerone.com/reports/180588
Severity score
null
Reporter
jot
Bounty paid
$500
Title
SIGSEGV in str_buf_cat
URL
https://hackerone.com/reports/213255
Severity score
null
Reporter
ston3
Bounty paid
$100
Title
SEH buffer overflow msgfmt_format_message
URL
https://hackerone.com/reports/170138
Severity score
null
Reporter
fms
Bounty paid
$1,000
Title
CVE-2017-5482 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print().
URL
https://hackerone.com/reports/202969
Severity score
7.3
Reporter
geeknik
Bounty paid
$500
Title
Memory disclosure in mruby String#lines method
URL
https://hackerone.com/reports/181319
Severity score
null
Reporter
isra17
Bounty paid
$2,000
Title
UAF in xmlparser_setevents (1)
URL
https://hackerone.com/reports/112858
Severity score
null
Reporter
pakt_
Bounty paid
$500
Title
b2i_PVK_bio heap corruption
URL
https://hackerone.com/reports/119989
Severity score
null
Reporter
guido
Bounty paid
null
Title
Ericsson Erlang OTP Core Allocation Subsystem Integer Overflow (All Versions)
URL
https://hackerone.com/reports/28640
Severity score
null
Reporter
donb
Bounty paid
null
Title
Multiple use after frees in obj2ast_* methods
URL
https://hackerone.com/reports/172115
Severity score
null
Reporter
pakt_
Bounty paid
$500
Title
Type Confusion Vulnerability - SOAP / make_http_soap_request()
URL
https://hackerone.com/reports/116773
Severity score
null
Reporter
l4w
Bounty paid
$1,000
Title
Adobe Flash Player MP4 Use-After-Free Vulnerability
URL
https://hackerone.com/reports/36279
Severity score
null
Reporter
hhj4ck
Bounty paid
$2,000
Title
Missing memory corruption protection on Windows release built
URL
https://hackerone.com/reports/380102
Severity score
4.7
Reporter
secconsult
Bounty paid
$50
Title
Illegal write access through Locale methods
URL
https://hackerone.com/reports/175315
Severity score
null
Reporter
fms
Bounty paid
$500
Title
SIGABRT - mirb and mruby
URL
https://hackerone.com/reports/214000
Severity score
null
Reporter
ston3
Bounty paid
$800
Title
Memory corruption in imap-parser.c
URL
https://hackerone.com/reports/537550
Severity score
8.1
Reporter
nick_roessler
Bounty paid
$5,000
Title
Use-after-free in unserialize()
URL
https://hackerone.com/reports/175982
Severity score
null
Reporter
ryat
Bounty paid
$1,000
Title
libevent (stack) buffer overflow in evutil_parse_sockaddr_port
URL
https://hackerone.com/reports/112784
Severity score
null
Reporter
guido
Bounty paid
$100
Title
amazon aws s3 bucket content is public :- http://shopify.com.s3.amazonaws.com/
URL
https://hackerone.com/reports/57505
Severity score
null
Reporter
pulkit_pandey
Bounty paid
$500
Title
Memory Leakage In exif_process_IFD_in_TIFF (CVE-2016-7128)
URL
https://hackerone.com/reports/160294
Severity score
null
Reporter
hoangnguyen
Bounty paid
$1,000
Title
use-after-free vulnerability in Flash Player
URL
https://hackerone.com/reports/18843
Severity score
null
Reporter
yopwn
Bounty paid
$2,000
Title
SIGABRT - mrb_default_allocf
URL
https://hackerone.com/reports/193773
Severity score
null
Reporter
icanthack
Bounty paid
$800
Title
Segmentation fault on program counter
URL
https://hackerone.com/reports/196498
Severity score
null
Reporter
icanthack
Bounty paid
$800
Title
Adobe Flash Player Metadata class Memory Corruption Vulnerability
URL
https://hackerone.com/reports/138517
Severity score
null
Reporter
hhj4ck
Bounty paid
$2,000
Title
Linux kernel: CVE-2017-1000112: a memory corruption due to UFO to non-UFO path switch
URL
https://hackerone.com/reports/684573
Severity score
7
Reporter
xairy
Bounty paid
null
Title
mrb_vformat() heap overflow could lead to code execution
URL
https://hackerone.com/reports/192318
Severity score
null
Reporter
mg36
Bounty paid
$100
Title
Flash double free vulnerability leads to code execution
URL
https://hackerone.com/reports/2170
Severity score
null
Reporter
clem1
Bounty paid
$10,000
Title
Uninitialized Thumbnail Data Leads To Memory Leakage in exif_process_IFD_in_TIFF
URL
https://hackerone.com/reports/167888
Severity score
null
Reporter
hoangnguyen
Bounty paid
$1,000
Title
Create N Accounts In Dropbox Irrespective Of Domain
URL
https://hackerone.com/reports/49378
Severity score
null
Reporter
rohill-eis
Bounty paid
null
Title
SIGSEGV - mark_context_stack
URL
https://hackerone.com/reports/209937
Severity score
null
Reporter
ston3
Bounty paid
$800
Title
Integer Overflow in _gd2GetHeader() resulting in heap overflow
URL
https://hackerone.com/reports/143234
Severity score
null
Reporter
gogil
Bounty paid
$500
Title
Adobe Flash Player PSDK Class Use After Free Vulnerability
URL
https://hackerone.com/reports/151043
Severity score
null
Reporter
hhj4ck
Bounty paid
$5,000
Title
Easy spam with USE My PHONE Feature
URL
https://hackerone.com/reports/127918
Severity score
null
Reporter
decoder
Bounty paid
$250
Title
Out-of-Bound Read in phar_parse_zipfile()
URL
https://hackerone.com/reports/114172
Severity score
null
Reporter
l4w
Bounty paid
$500
Title
read outside of buffer (heap buffer overflow) in S_regmatch - regexec.c:6057
URL
https://hackerone.com/reports/207983
Severity score
null
Reporter
geeknik
Bounty paid
$1,000
Title
Linux kernel: CVE-2017-7308: a signedness issue in AF_PACKET sockets
URL
https://hackerone.com/reports/684567
Severity score
7.8
Reporter
xairy
Bounty paid
null
Title
heap-use-after-free /home/operac/testafl/mruby/mrubylast/mruby/src/gc.c
URL
https://hackerone.com/reports/200821
Severity score
null
Reporter
fms
Bounty paid
$100
Title
Memory corruption when parsing a hostile PHAR archive
URL
https://hackerone.com/reports/195586
Severity score
null
Reporter
aerodudrizzt
Bounty paid
$500
Title
Overreads/overcopies in torsocks
URL
https://hackerone.com/reports/126598
Severity score
null
Reporter
guido
Bounty paid
null
Title
nextcloud.com: Mail Bombing ( No Rate Limiting On Sending Emails On Contact us Page)
URL
https://hackerone.com/reports/145458
Severity score
null
Reporter
iamashishgeek
Bounty paid
null
Title
Potential double free in EVP_DigestInit_ex
URL
https://hackerone.com/reports/135027
Severity score
null
Reporter
guido
Bounty paid
null
Title
No Rate Limiting at /contact
URL
https://hackerone.com/reports/229511
Severity score
null
Reporter
chols
Bounty paid
null
Title
Use of uninitialized value in memarea_strdup (src/common/memarea.c:369)
URL
https://hackerone.com/reports/274997
Severity score
null
Reporter
geeknik
Bounty paid
null
Title
Python 2.7 32-bit JSON encoding heap corruption
URL
https://hackerone.com/reports/172403
Severity score
null
Reporter
guido
Bounty paid
$500
Title
Adobe Flash Player Out-of-Bound Access Vulnerability
URL
https://hackerone.com/reports/47012
Severity score
null
Reporter
hhj4ck
Bounty paid
$2,000
Title
chain.setstate Type Confusion
URL
https://hackerone.com/reports/175091
Severity score
null
Reporter
johnleitch
Bounty paid
$1,000
Title
Out of Bounds Memory Read in php_jpg_get16
URL
https://hackerone.com/reports/665330
Severity score
9.1
Reporter
sediruoksitsero
Bounty paid
$1,500
Title
Out of bound when verify signature of tar phar in phar_parse_tarfile
URL
https://hackerone.com/reports/167896
Severity score
null
Reporter
hoangnguyen
Bounty paid
$500
Title
Heap corruption via Python 2.7.11 IOBase readline()
URL
https://hackerone.com/reports/143022
Severity score
null
Reporter
guido
Bounty paid
$500
Title
Adobe Flash Player Race Condition Vulnerability
URL
https://hackerone.com/reports/119657
Severity score
null
Reporter
hhj4ck
Bounty paid
$2,000
Title
null pointer dereference in set_conversion_mode due uncheck _ctypes_conversion_errors
URL
https://hackerone.com/reports/166080
Severity score
null
Reporter
minhrau
Bounty paid
$500
Title
SIGABRT in only mirb
URL
https://hackerone.com/reports/212882
Severity score
null
Reporter
ston3
Bounty paid
$800
Title
infinite number of new project creation!
URL
https://hackerone.com/reports/8093
Severity score
null
Reporter
faisalahmed
Bounty paid
null
Title
Heapoverflow in zipimporter module
URL
https://hackerone.com/reports/112057
Severity score
null
Reporter
jakkdu
Bounty paid
$1,000
Title
Exploiting Secure Shell (SSH) on mobilelt.lahitapiola.fi
URL
https://hackerone.com/reports/139940
Severity score
null
Reporter
aaditya_purani
Bounty paid
$100
Title
putty pscp client-side post-auth stack buffer overwrite when processing remote file size
URL
https://hackerone.com/reports/120903
Severity score
null
Reporter
hxd
Bounty paid
null
Title
get_icu_value_internal out-of-bounds read
URL
https://hackerone.com/reports/141197
Severity score
null
Reporter
fms
Bounty paid
$500
Title
Heap overflow caused by type confusion vulnerability in merge_param()
URL
https://hackerone.com/reports/172411
Severity score
null
Reporter
rc0r
Bounty paid
$500
Title
Other Buffer Overflow in PHP of the AirMax Products
URL
https://hackerone.com/reports/74004
Severity score
null
Reporter
93c08539
Bounty paid
$500
Title
Too many included lookups
URL
https://hackerone.com/reports/125400
Severity score
null
Reporter
trabajoduro_2
Bounty paid
null
Title
LZMADecompressor.decompress Use After Free
URL
https://hackerone.com/reports/172562
Severity score
null
Reporter
johnleitch
Bounty paid
$1,500
Title
Bime Unable to load Data Sources
URL
https://hackerone.com/reports/141676
Severity score
null
Reporter
anish2good
Bounty paid
null
Title
wddx_deserialize null dereference
URL
https://hackerone.com/reports/161216
Severity score
null
Reporter
fms
Bounty paid
$500
Title
Use-after-free in ArrayObject Deserialization
URL
https://hackerone.com/reports/180909
Severity score
null
Reporter
ryat
Bounty paid
$500
Title
Multiple Heap Overflow due to integer overflows | xml/filter_url/addcslashes
URL
https://hackerone.com/reports/117651
Severity score
null
Reporter
l4w
Bounty paid
$500
Title
Out of bound read in exif_process_IFD_in_MAKERNOTE
URL
https://hackerone.com/reports/152231
Severity score
null
Reporter
hoangnguyen
Bounty paid
$1,000
Title
heap-buffer-overflow on mruby
URL
https://hackerone.com/reports/192665
Severity score
null
Reporter
ahihi
Bounty paid
$100
Title
Double free of filename after codegen error
URL
https://hackerone.com/reports/193719
Severity score
null
Reporter
titanous
Bounty paid
$200
Title
Adobe Flash Player ShimContentFactory class Memory Corruption Vulnerability
URL
https://hackerone.com/reports/145265
Severity score
null
Reporter
hhj4ck
Bounty paid
$2,000
Title
CVE-2016-7418 PHP Out-Of-Bounds Read in php_wddx_push_element
URL
https://hackerone.com/reports/170618
Severity score
null
Reporter
hacker2nd
Bounty paid
$500
Title
apps.owncloud.com: SSL Server Allows Anonymous Authentication Vulnerability (SMTP)
URL
https://hackerone.com/reports/83803
Severity score
null
Reporter
ashesh
Bounty paid
null
Title
smartlist_add, smartlist_insert (may) cause heap corruption as a result of inadequate checks in smartlist_ensure_capacity
URL
https://hackerone.com/reports/112386
Severity score
null
Reporter
guido
Bounty paid
$500
Title
CVE-2016-3183 OpenJPEG sycc422_to_rgb Out-of-Bounds Read Vulnerability
URL
https://hackerone.com/reports/167947
Severity score
null
Reporter
hacker2nd
Bounty paid
null
Title
Certain inputs cause tight C-level recursion leading to process stack overflow
URL
https://hackerone.com/reports/189633
Severity score
8.6
Reporter
dkasak
Bounty paid
$10,000
Title
Adobe Flash Player ShimContentResolver(resolverType=0) class Memory Corruption Vulnerability
URL
https://hackerone.com/reports/145271
Severity score
null
Reporter
hhj4ck
Bounty paid
$2,000
Title
integer overflow in fgetcsv caused heap corruption
URL
https://hackerone.com/reports/167911
Severity score
null
Reporter
minhrau
Bounty paid
$500
Title
Use-After-Free / Double-Free in WDDX Deserialize
URL
https://hackerone.com/reports/116372
Severity score
null
Reporter
l4w
Bounty paid
$500
Title
UAF in xmlparser_setevents (2)
URL
https://hackerone.com/reports/112860
Severity score
null
Reporter
pakt_
Bounty paid
$500
Title
CVE-2016-7163 OpenJPEG opj_pi_create_decode Integer Overflow Vulnerability
URL
https://hackerone.com/reports/167512
Severity score
null
Reporter
hacker2nd
Bounty paid
null
Title
e.mail.ru: File upload "Chapito" circus
URL
https://hackerone.com/reports/20616
Severity score
null
Reporter
isox
Bounty paid
$1,000
Title
Python 2.7 strop.replace Integer Overflow
URL
https://hackerone.com/reports/129771
Severity score
null
Reporter
johnleitch
Bounty paid
$500
Title
Format string implementation vulnerability, resulting in code execution
URL
https://hackerone.com/reports/271330
Severity score
null
Reporter
aerodudrizzt
Bounty paid
$500
Title
money.mail.ru: Strange SMS behavior
URL
https://hackerone.com/reports/23852
Severity score
null
Reporter
isox
Bounty paid
$150
Title
Integer overflow in ZipArchive::getFrom*
URL
https://hackerone.com/reports/135152
Severity score
null
Reporter
hji
Bounty paid
$1,500
Title
Read after free in mrb_vm_exec with OP_ARYCAT reading R(B)
URL
https://hackerone.com/reports/184715
Severity score
null
Reporter
haquaman
Bounty paid
$1,000
Title
Heap use-after-free in mrb_vm_exec
URL
https://hackerone.com/reports/207710
Severity score
null
Reporter
mg36
Bounty paid
$800
Title
Invalid parameter in memcpy function through openssl_pbkdf2
URL
https://hackerone.com/reports/190933
Severity score
null
Reporter
emyei
Bounty paid
$500
Title
integer overflow in base64_decode caused heap corruption
URL
https://hackerone.com/reports/159954
Severity score
null
Reporter
minhrau
Bounty paid
$500
Title
Heap overflow in curl_escape
URL
https://hackerone.com/reports/160295
Severity score
null
Reporter
hoangnguyen
Bounty paid
$500
Title
Adobe Flash Player ShimAdPolicySelector(adPolicySelectorType=0) class Memory Corruption
URL
https://hackerone.com/reports/151040
Severity score
null
Reporter
hhj4ck
Bounty paid
$2,000
Title
Arbitrary Memory Read via gdImageRotateInterpolated Array Index Out of Bounds
URL
https://hackerone.com/reports/110720
Severity score
null
Reporter
libnex
Bounty paid
$500
Title
Use After Free Vulnerability in WDDX Packet Deserialization
URL
https://hackerone.com/reports/108681
Severity score
null
Reporter
ryat
Bounty paid
$500
Title
EVP_EncryptUpdate overflow (CVE-2016-2106)
URL
https://hackerone.com/reports/135945
Severity score
null
Reporter
guido
Bounty paid
$500
Title
CVE-2016-3182 OpenJPEG color_esycc_to_rgb Out-of-Bounds Read Vulnerability
URL
https://hackerone.com/reports/167953
Severity score
null
Reporter
hacker2nd
Bounty paid
null
Title
Invalid memory access in php_basename function
URL
https://hackerone.com/reports/180591
Severity score
null
Reporter
jot
Bounty paid
$500
Title
Use After Free in PHP7 unserialize()
URL
https://hackerone.com/reports/182474
Severity score
null
Reporter
ryat
Bounty paid
$1,000
Title
CVE-2017-5204: The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print()
URL
https://hackerone.com/reports/202960
Severity score
7.3
Reporter
geeknik
Bounty paid
$500
Title
Adobe Flash Player ShimContentFactory.retrieveResolvers Memory Corruption Vulnerability
URL
https://hackerone.com/reports/145266
Severity score
null
Reporter
hhj4ck
Bounty paid
$2,000
Title
Heap overflow in H. Spencer’s regex library on 32 bit systems
URL
https://hackerone.com/reports/47779
Severity score
null
Reporter
guido
Bounty paid
$3,000
Title
[FG-VD-19-009] Intel(R) Trace Analyzer and Collector 2019 Memory Corruption Vulnerability Notification
URL
https://hackerone.com/reports/483572
Severity score
null
Reporter
kushal89shah
Bounty paid
$1,500
Title
Missing restriction on string size of Full Name at https://demo.weblate.org/accounts/register/
URL
https://hackerone.com/reports/223454
Severity score
null
Reporter
sumit7
Bounty paid
null
Title
Inadequate error handling in bzread()
URL
https://hackerone.com/reports/152772
Severity score
null
Reporter
hji
Bounty paid
$1,500
Title
CVE-2016-5157 OpenJPEG opj_dwt_interleave_v Out-of-Bounds Write Vulnerability
URL
https://hackerone.com/reports/167510
Severity score
null
Reporter
hacker2nd
Bounty paid
null
Title
integer overflow in fgets cause heap corruption
URL
https://hackerone.com/reports/167908
Severity score
null
Reporter
minhrau
Bounty paid
$500
Title
Missing Restriction On String Size
URL
https://hackerone.com/reports/257376
Severity score
0
Reporter
alyanwarr
Bounty paid
null
Title
Use After Free Vulnerability in array_walk()/array_walk_recursive()
URL
https://hackerone.com/reports/155223
Severity score
null
Reporter
ryat
Bounty paid
$500
Title
SIGSEGV in array_copy - array.c:71
URL
https://hackerone.com/reports/218567
Severity score
null
Reporter
ilsani
Bounty paid
$800
Title
heap-use-after-free in mrb_vm_exec - vm.c:1247
URL
https://hackerone.com/reports/222294
Severity score
null
Reporter
ilsani
Bounty paid
$800
Title
Bad Write in TTF font parsing (win32k.sys)
URL
https://hackerone.com/reports/48100
Severity score
null
Reporter
dirtybit
Bounty paid
$5,000
Title
Heap use-after-free during range creation
URL
https://hackerone.com/reports/194884
Severity score
null
Reporter
titanous
Bounty paid
$200
Title
kh_get_n2s() stack overrun
URL
https://hackerone.com/reports/192578
Severity score
null
Reporter
mg36
Bounty paid
$800
Title
Bug in Source Code Files(v1.1)
URL
https://hackerone.com/reports/5466
Severity score
null
Reporter
robin
Bounty paid
null
Title
Adobe Flash Player TimedEvent.parent Memory Corruption Vulnerability
URL
https://hackerone.com/reports/151039
Severity score
null
Reporter
hhj4ck
Bounty paid
$5,000
Title
Double-free in X509 parsing
URL
https://hackerone.com/reports/175230
Severity score
null
Reporter
guido
Bounty paid
null
Title
integer overflow in imap_binary caused heap corruption
URL
https://hackerone.com/reports/167906
Severity score
null
Reporter
minhrau
Bounty paid
$500
Title
Stack overflow when decompressing tar archives
URL
https://hackerone.com/reports/114024
Severity score
null
Reporter
hji
Bounty paid
$500
Title
Heap buffer overflow in mruby value_move
URL
https://hackerone.com/reports/209765
Severity score
null
Reporter
sukhoi
Bounty paid
$800
Title
EBCDIC overread (CVE-2016-2176)
URL
https://hackerone.com/reports/135946
Severity score
null
Reporter
guido
Bounty paid
$500
Title
imagecolormatch Out Of Bounds Write on Heap
URL
https://hackerone.com/reports/478368
Severity score
8.8
Reporter
simonscannell
Bounty paid
$1,500
Title
Memory Corruption in During Deserialized-object Destruction
URL
https://hackerone.com/reports/167931
Severity score
null
Reporter
ryat
Bounty paid
$500
Title
sprintf combined format string attack
URL
https://hackerone.com/reports/212241
Severity score
null
Reporter
aerodudrizzt
Bounty paid
$1,000
Title
Buffer underflow in sprintf
URL
https://hackerone.com/reports/192127
Severity score
null
Reporter
haquaman
Bounty paid
$500
Title
Adobe Flash Player ShimContentResolver(resolverType=1) class Memory Corruption Vulnerability
URL
https://hackerone.com/reports/145272
Severity score
null
Reporter
hhj4ck
Bounty paid
$2,000
Title
SIGABRT in sym_validate_len - symbol.c:44
URL
https://hackerone.com/reports/218803
Severity score
null
Reporter
ilsani
Bounty paid
$100
Title
libtiff 4.0.6 segfault / read outside of buffer (CVE-2016-9297)
URL
https://hackerone.com/reports/182140
Severity score
null
Reporter
geeknik
Bounty paid
$500
Title
integer overflow in recode_string caused heap corruption
URL
https://hackerone.com/reports/167909
Severity score
null
Reporter
minhrau
Bounty paid
$500
Title
HTTP/2 Denial of Service Vulnerability
URL
https://hackerone.com/reports/335533
Severity score
7.5
Reporter
jzebor
Bounty paid
null
Title
Adobe Flash Player ASnative(900,1).call(MovieClip) Use-After-Free Vulnerability
URL
https://hackerone.com/reports/119653
Severity score
null
Reporter
hhj4ck
Bounty paid
$2,000
Title
Use After Free in sortWithSortKeys()
URL
https://hackerone.com/reports/109175
Severity score
null
Reporter
libnex
Bounty paid
$1,000
Title
php_snmp_parse_oid integer overflow in memory allocation
URL
https://hackerone.com/reports/178094
Severity score
null
Reporter
fwh
Bounty paid
$500
Title
memcpy negative size parameter in php_resolve_path
URL
https://hackerone.com/reports/175311
Severity score
null
Reporter
fms
Bounty paid
$500
Title
kh_put_iv SEGFAULT - mruby 1.2.0
URL
https://hackerone.com/reports/217610
Severity score
null
Reporter
ilsani
Bounty paid
$800
Title
Buffer overflow in HTTP parse_hostinfo(), parse_userinfo() and parse_scheme()
URL
https://hackerone.com/reports/174069
Severity score
null
Reporter
rc0r
Bounty paid
$1,000
Title
Stack Buffer Overflow in GD dynamicGetbuf
URL
https://hackerone.com/reports/175587
Severity score
null
Reporter
libnex
Bounty paid
$1,500