TOPINTERNETBUGBOUNTY.md

June 21, 2026

Top reports from Internet Bug Bounty program at HackerOne:

  1. CRLF Injection in urllib to Internet Bug Bounty - 341 upvotes, $0
  2. Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse to Internet Bug Bounty - 191 upvotes, $0
  3. Apache HTTP [2.4.17-2.4.38] Local Root Privilege Escalation to Internet Bug Bounty - 121 upvotes, $1500
  4. A reflected XSS in python/Lib/DocXMLRPCServer.py to Internet Bug Bounty - 118 upvotes, $0
  5. Apache Airflow: Sensitive Information Exposure in DAG Run Logs to Internet Bug Bounty - 112 upvotes, $0
  6. Ubuntu Linux privilege escalation (dirty_sock) to Internet Bug Bounty - 103 upvotes, $0
  7. Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 to Internet Bug Bounty - 96 upvotes, $4000
  8. JWT audience claim is not verified to Internet Bug Bounty - 96 upvotes, $0
  9. Possibility of Request smuggling attack to Internet Bug Bounty - 93 upvotes, $4660
  10. CVE-2022-40604: Apache Airflow: Format String Vulnerability to Internet Bug Bounty - 87 upvotes, $8000
  11. CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc to Internet Bug Bounty - 87 upvotes, $4860
  12. moderate: Apache HTTP Server: mod_rewrite proxy handler substitution (CVE-2024-39573) CWE-20 Improper Input Validation to Internet Bug Bounty - 87 upvotes, $2600
  13. Deadlock in x86 HVM standard VGA handling to Internet Bug Bounty - 86 upvotes, $2162
  14. CVE-2024-41990: Potential denial-of-service in django.utils.html.urlize() to Internet Bug Bounty - 83 upvotes, $2162
  15. Possible Sensitive Session Information Leak in Active Storage to Internet Bug Bounty - 82 upvotes, $4323
  16. Integrity checks according to policies can be circumvented in Node.js 20 and Node.js 18 to Internet Bug Bounty - 82 upvotes, $1270
  17. Incorrect casting from size_t to int lead to heap overflow in mcrypt_generic to Internet Bug Bounty - 81 upvotes, $1000
  18. Secrets not masked in UI when sensitive variables are set via Airflow cli to Internet Bug Bounty - 78 upvotes, $0
  19. Libuv: Improper Domain Lookup that potentially leads to SSRF attacks to Internet Bug Bounty - 74 upvotes, $4860
  20. HTTP Smuggling multiple issues in Squid 3.x & squid 4.x to Internet Bug Bounty - 74 upvotes, $0
  21. Pause-based desync in Apache HTTPD to Internet Bug Bounty - 73 upvotes, $4000
  22. Heap Buffer Overflow (READ: 4) in phar_parse_pharfile to Internet Bug Bounty - 72 upvotes, $0
  23. CVE-2024-41937: Apache Airflow: Stored XSS Vulnerability on provider link to Internet Bug Bounty - 70 upvotes, $497
  24. GMP Deserialization Type Confusion Vulnerability [MyBB <= 1.8.3 RCE Vulnerability] to Internet Bug Bounty - 68 upvotes, $0
  25. Path traversal by monkey-patching Buffer internals to Internet Bug Bounty - 67 upvotes, $2430
  26. Type Confusion Vulnerability - SOAP / make_http_soap_request() to Internet Bug Bounty - 64 upvotes, $1000
  27. CVE-2024-53908: Django Potential SQL injection in HasKey(lhs, rhs) on Oracle to Internet Bug Bounty - 61 upvotes, $0
  28. CVE-2024-34750 Apache Tomcat DoS vulnerability in HTTP/2 connector to Internet Bug Bounty - 60 upvotes, $4920
  29. CVE-2022-40127: RCE in Apache Airflow <2.4.0 bash example to Internet Bug Bounty - 60 upvotes, $4000
  30. [CVE-2024-47888] Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text to Internet Bug Bounty - 60 upvotes, $505
  31. Out-of-bounds read in iconv.c:_php_iconv_mime_decode() due to integer overflow to Internet Bug Bounty - 58 upvotes, $1500
  32. Inappropriate URL parsing may cause security risk! to Internet Bug Bounty - 58 upvotes, $1000
  33. CVE-2024-21733 Apache Tomcat HTTP Request Smuggling (Client-Side Desync) (CWE: 444) to Internet Bug Bounty - 57 upvotes, $4660
  34. curl HSTS long file name clears contents to Internet Bug Bounty - 57 upvotes, $0
  35. Apache Airflow Fab Provider: Application does not invalidate session after password change via Airflow cli to Internet Bug Bounty - 57 upvotes, $0
  36. Possible DoS Vulnerability with Range Header in Rack to Internet Bug Bounty - 56 upvotes, $5420
  37. CVE-2025-24813: Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet to Internet Bug Bounty - 56 upvotes, $4323
  38. ReDoS Vulnerability in HTTP Accept Headers Parsing to Internet Bug Bounty - 55 upvotes, $2642
  39. Proxy-Authorization header not cleared on cross-origin redirect in undici.request to Internet Bug Bounty - 54 upvotes, $420
  40. CVE-2024-45498: Apache Airflow Command injection in read_dataset_event_from_classic DAG to Internet Bug Bounty - 54 upvotes, $0
  41. std::process::Command batch files argument escaping could be bypassed with trailing whitespace or periods to Internet Bug Bounty - 53 upvotes, $505
  42. CVE-2024-42005: Potential SQL injection in QuerySet.values() and values_list() to Internet Bug Bounty - 52 upvotes, $4263
  43. Integer overflow leading to buffer overflow to Internet Bug Bounty - 52 upvotes, $0
  44. Request Smuggling in Apache Tomcat (Important, CVE-2023-45648) to Internet Bug Bounty - 51 upvotes, $4660
  45. ReDoS (Ruby, Time) to Internet Bug Bounty - 51 upvotes, $4000
  46. Buffer overflow in PyCArg_repr in _ctypes/callproc.c for Python 3.x to 3.9.1 to Internet Bug Bounty - 51 upvotes, $1500
  47. important: Apache HTTP Server weakness with encoded question marks in backreferences (CVE-2024-38474) to Internet Bug Bounty - 50 upvotes, $4920
  48. CVE-2023-42663: Apache Airflow: Bypass permission verification to view task instances of other dags to Internet Bug Bounty - 50 upvotes, $540
  49. Heap overflow in mysqlnd related to BIT fields (CVE-2016-7412) to Internet Bug Bounty - 50 upvotes, $0
  50. ASAR Integrity bypass via filetype confusion to Internet Bug Bounty - 49 upvotes, $2540
  51. CVE-2024-41989: Denial-Of-Service vulnerability in the floatformat template filter when input string contains a big exponent in scientific notation to Internet Bug Bounty - 49 upvotes, $2142
  52. netrc and redirect credential leak to Internet Bug Bounty - 49 upvotes, $505
  53. Race Conditions in OAuth 2 API implementations to Internet Bug Bounty - 49 upvotes, $0
  54. CVE-2024-2466: TLS certificate check bypass with mbedTLS (reward request) to Internet Bug Bounty - 48 upvotes, $2580
  55. Potential DoS vulnerability in Django in multipart parser to Internet Bug Bounty - 47 upvotes, $2400
  56. DNS rebinding in --inspect (insufficient fix of CVE-2022-32212 affecting macOS devices) to Internet Bug Bounty - 46 upvotes, $4200
  57. CVE-2024-32760 in nginx to Internet Bug Bounty - 46 upvotes, $2600
  58. CVE-2022-24288: Apache Airflow: TWO RCEs in example DAGs to Internet Bug Bounty - 46 upvotes, $0
  59. CVE-2024-43398: DoS vulnerability in REXML to Internet Bug Bounty - 45 upvotes, $505
  60. important: Apache HTTP Server on Windows UNC SSRF (CVE-2024-38472) to Internet Bug Bounty - 44 upvotes, $4920
  61. Path traversal through path stored in Uint8Array in Node.js 20 to Internet Bug Bounty - 44 upvotes, $3495
  62. Improper handling of wildcards in --allow-fs-read and --allow-fs-write to Internet Bug Bounty - 44 upvotes, $1290
  63. DOS in stream filters to Internet Bug Bounty - 44 upvotes, $0
  64. Possible ReDoS vulnerability in query parameter filtering in Action Dispatch to Internet Bug Bounty - 44 upvotes, $0
  65. Open Redirect Vulnerability in Action Pack to Internet Bug Bounty - 43 upvotes, $2400
  66. CVE-2024-7347: Buffer overread in the ngx_http_mp4_module to Internet Bug Bounty - 43 upvotes, $2142
  67. Integer overflow in CipherUpdate to Internet Bug Bounty - 43 upvotes, $0
  68. Denial of Service caused by HTTP/2 CONTINUATION Flood to Internet Bug Bounty - 42 upvotes, $4860
  69. Permission model improperly protects against path traversal in Node.js 20 to Internet Bug Bounty - 42 upvotes, $2330
  70. CVE-2019-11043: a buffer underflow in fpm_main.c can lead to RCE in php-fpm to Internet Bug Bounty - 42 upvotes, $1500
  71. Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c to Internet Bug Bounty - 42 upvotes, $0
  72. CVE-2024-2398: HTTP/2 push headers memory-leak to Internet Bug Bounty - 42 upvotes, $0
  73. OpenSSL vulnerable to the Marvin Attack (CVE-2022-4304) to Internet Bug Bounty - 41 upvotes, $2540
  74. http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks to Internet Bug Bounty - 40 upvotes, $3495
  75. Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames to Internet Bug Bounty - 40 upvotes, $2580
  76. curl cookie mixed case PSL bypass to Internet Bug Bounty - 40 upvotes, $2540
  77. Rails ActionView sanitize helper bypass leading to XSS using SVG tag. to Internet Bug Bounty - 40 upvotes, $2400
  78. mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full (CVE-2020-7065) to Internet Bug Bounty - 40 upvotes, $0
  79. Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash to Internet Bug Bounty - 39 upvotes, $3645
  80. Command Injection using malicious hostname in expanded proxycommand to Internet Bug Bounty - 39 upvotes, $540
  81. RCE via ssh:// URIs in multiple VCS to Internet Bug Bounty - 39 upvotes, $0
  82. CVE-2024-2379: QUIC certificate check bypass with wolfSSL to Internet Bug Bounty - 37 upvotes, $560
  83. Misconfiguration in AWS CloudFront CDN configuration makes rubygems.org serve (and cache) content from a unclaimed S3-bucket to Internet Bug Bounty - 37 upvotes, $0
  84. CVE-2022-27774: Credential leak on redirect to Internet Bug Bounty - 36 upvotes, $2400
  85. Buffer overflow in req_parsebody method in lua_request.c to Internet Bug Bounty - 36 upvotes, $0
  86. Double free vulnerability in Flash Player Settings Manager (CVE-2015-0346) to Internet Bug Bounty - 35 upvotes, $5000
  87. PHP mbstring / Oniguruma multiple remote heap/stack corruptions to Internet Bug Bounty - 35 upvotes, $1500
  88. Unbounded memory growth with session handling in TLSv1.3 to Internet Bug Bounty - 35 upvotes, $497
  89. ACME TLS-SNI-01/02 challenge vulnerable when combined with shared hosting providers to Internet Bug Bounty - 35 upvotes, $0
  90. Argo CD CSRF leads to Kubernetes cluster compromise to Internet Bug Bounty - 34 upvotes, $4660
  91. Apache Airflow Sql injection by authenticated user to Internet Bug Bounty - 34 upvotes, $505
  92. 1-byte heap buffer overflow in DNS resolver to Internet Bug Bounty - 34 upvotes, $0
  93. [CVE-2023-38546] cookie injection with none file to Internet Bug Bounty - 34 upvotes, $0
  94. DiffieHellman doesn't generate keys after setting a key to Internet Bug Bounty - 33 upvotes, $1800
  95. fs.fchown/fchmod bypasses permission model to Internet Bug Bounty - 33 upvotes, $249
  96. CVE-2024-25128: Apache Airflow: Authentication Bypass when Legacy OpenID(2.0) is in use as AUTH_TYPE to Internet Bug Bounty - 33 upvotes, $0
  97. CVE-2024-49761: ReDoS vulnerability in REXML to Internet Bug Bounty - 33 upvotes, $0
  98. [CVE-2024-32464] ActionText ContentAttachment’s can Contain Unsanitized HTML to Internet Bug Bounty - 32 upvotes, $2600
  99. CVE-2024-31079 in nginx to Internet Bug Bounty - 32 upvotes, $2600
  100. Possible XSS Vulnerability in Action Controller to Internet Bug Bounty - 32 upvotes, $1068
  101. CVE-2023-40611: Apache Airflow Dag Runs Broken Access Control Vulnerability to Internet Bug Bounty - 32 upvotes, $0
  102. important: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect (CVE-2024-38476) to Internet Bug Bounty - 31 upvotes, $4920
  103. TLS client authentication can be bypassed due to ticket resumption to Internet Bug Bounty - 31 upvotes, $2162
  104. Ruby CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse to Internet Bug Bounty - 31 upvotes, $2000
  105. Information disclosure in mmap module - python 2.7.12 to Internet Bug Bounty - 31 upvotes, $0
  106. Windows only: arbitrary file read vulnerability in openssl s_server to Internet Bug Bounty - 31 upvotes, $0
  107. curl: stack-buffer overread during punycode conversions to Internet Bug Bounty - 31 upvotes, $0
  108. important: Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. (CVE-2024-38475) to Internet Bug Bounty - 30 upvotes, $4920
  109. RCE vulnerability in apache-airflow-providers-apache-sqoop 3.1.0 to Internet Bug Bounty - 30 upvotes, $2400
  110. Usage of disabled protocol in curl to Internet Bug Bounty - 30 upvotes, $560
  111. Proxy-Authorization header is not cleared in cross-domain redirect in undici to Internet Bug Bounty - 30 upvotes, $405
  112. Permissions policies can be bypassed via Module._load and require.extensions (High) (CVE-2023-30587) to Internet Bug Bounty - 29 upvotes, $1165
  113. Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) (CVE-2021-42013) to Internet Bug Bounty - 29 upvotes, $1000
  114. Apache Airflow: Bypass permission verification to read code of other dags to Internet Bug Bounty - 29 upvotes, $540
  115. ZeroMQ libzmq remote code execution to Internet Bug Bounty - 29 upvotes, $0
  116. Mailsploit: a sender spoofing bug in over 30 email clients to Internet Bug Bounty - 29 upvotes, $0
  117. UrnState Heap Overflow to Internet Bug Bounty - 29 upvotes, $0
  118. [CVE-2024-54133] Possible Content Security Policy bypass in Action Dispatch to Internet Bug Bounty - 29 upvotes, $0
  119. CVE-2024-56374 Potential denial-of-service in IPv6 validation to Internet Bug Bounty - 29 upvotes, $0
  120. CVE-2023-46695: Potential denial of service vulnerability in UsernameField on Windows to Internet Bug Bounty - 28 upvotes, $2540
  121. Local Privilege Escalation during execution of VeraCryptExpander.exe (UAC bypass) to Internet Bug Bounty - 28 upvotes, $1250
  122. [CVE-2024-25126] Denial of Service Vulnerability in Rack Content-Type Parsing to Internet Bug Bounty - 28 upvotes, $0
  123. important: Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request (CVE-2024-38477) to Internet Bug Bounty - 27 upvotes, $4920
  124. 4 severe remote + several minor OpenVPN vulnerabilities to Internet Bug Bounty - 27 upvotes, $0
  125. CVE-2022-27779: cookie for trailing dot TLD to Internet Bug Bounty - 27 upvotes, $0
  126. [CVE-2024-26146] Header Parsing leads to Possible Denial of Service Vulnerability to Internet Bug Bounty - 27 upvotes, $0
  127. CVE-2022-28738: Double free in Regexp compilation to Internet Bug Bounty - 26 upvotes, $4000
  128. Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.50 to Internet Bug Bounty - 26 upvotes, $1000
  129. CVE-2023-40273: Session fixation in Apache Airflow web interface to Internet Bug Bounty - 26 upvotes, $540
  130. DOMPurify bypass to Internet Bug Bounty - 26 upvotes, $0
  131. CVE-2019-1551: rsaz_512_sqr overflow bug on x86_64 to Internet Bug Bounty - 26 upvotes, $0
  132. Regexes with large repetitions on empty sub-expressions take a very long time to parse to Internet Bug Bounty - 25 upvotes, $4000
  133. CVE-2024-56374: Denial-of-service vulnerability in IPv6 validation to Internet Bug Bounty - 25 upvotes, $2162
  134. ActionView sanitize helper bypass with 'style' and 'svg' tags to Internet Bug Bounty - 25 upvotes, $0
  135. CVE-2023-49920: Apache Airflow: Missing CSRF protection on DAG/trigger to Internet Bug Bounty - 24 upvotes, $0
  136. CVE-2024-0853: OCSP verification bypass with TLS session reuse to Internet Bug Bounty - 24 upvotes, $0
  137. CVE-2025-0725: Heap overflow in curl with Content-Encoding gzip and old libz versions to Internet Bug Bounty - 24 upvotes, $0
  138. [SECURITY] CVE-2024-50379 Apache Tomcat - RCE via write-enabled default servlet to Internet Bug Bounty - 24 upvotes, $0
  139. select_colors write out-of-bounds to Internet Bug Bounty - 23 upvotes, $1000
  140. CVE-2022-27776: Auth/cookie leak on redirect to Internet Bug Bounty - 23 upvotes, $480
  141. TLS Virtual Host Confusion to Internet Bug Bounty - 23 upvotes, $0
  142. CVE-2018-6797: A crafted regular expression can cause a heap buffer write overflow in Perl 5 giving a remote attacker control over bytes written to Internet Bug Bounty - 23 upvotes, $0
  143. URN Request bypass ACL Checks to Internet Bug Bounty - 23 upvotes, $0
  144. CVE-2023-47037: Airflow Broken Access Control Vulnerability to Internet Bug Bounty - 23 upvotes, $0
  145. [CVE-2024-26142] ReDoS vulnerability in Accept header parsing in Action Dispatch to Internet Bug Bounty - 23 upvotes, $0
  146. Denial of Service by memory exhaustion in net/imap to Internet Bug Bounty - 23 upvotes, $0
  147. CVE-2022-23519: Rails::Html::SafeListSanitizer vulnerable to XSS when certain tags are allowed (math+style || svg+style) to Internet Bug Bounty - 22 upvotes, $2400
  148. CVE-2023-28710 Apache Airflow Spark Provider Arbitrary File Read via JDBC to Internet Bug Bounty - 22 upvotes, $2400
  149. Request line injection via HTTP/2 in Apache mod_proxy to Internet Bug Bounty - 22 upvotes, $1200
  150. OpenSSH: Memory corruption in AES-GCM support to Internet Bug Bounty - 22 upvotes, $0
  151. Insufficient shell characters filtering leads to (potentially remote) code execution (CVE-2016-3714) to Internet Bug Bounty - 22 upvotes, $0
  152. ap_find_token() Buffer Overread to Internet Bug Bounty - 22 upvotes, $0
  153. Cache Manager ACL Bypass to Internet Bug Bounty - 22 upvotes, $0
  154. CVE-2022-38362: Apache Airflow Docker Provider <3.0 RCE vulnerability in example dag to Internet Bug Bounty - 22 upvotes, $0
  155. #2931639 ActionView sanitize helper bypass with math-related tags to Internet Bug Bounty - 22 upvotes, $0
  156. ActionView sanitize helper bypass with noscript to Internet Bug Bounty - 22 upvotes, $0
  157. CVE-2024-35200 in nginx to Internet Bug Bounty - 21 upvotes, $2600
  158. [curl] CVE-2023-32001: fopen race condition to Internet Bug Bounty - 21 upvotes, $2480
  159. Apache HTTP Server: mod_proxy_ajp: Possible request smuggling to Internet Bug Bounty - 21 upvotes, $2400
  160. CVE-2023-27535: FTP too eager connection reuse to Internet Bug Bounty - 21 upvotes, $2400
  161. Renderers can obtain access to random bluetooth device without permission to Internet Bug Bounty - 21 upvotes, $480
  162. Drupal 7 pre auth sql injection and remote code execution to Internet Bug Bounty - 21 upvotes, $0
  163. Out of Bounds Memory Read in exif_scan_thumbnail to Internet Bug Bounty - 20 upvotes, $1500
  164. Cookie headers are not cleared in cross-domain redirect in undici-fetch to Internet Bug Bounty - 20 upvotes, $405
  165. Some build dependencies are downloaded over an insecure channel (without subsequent integrity checks) to Internet Bug Bounty - 20 upvotes, $100
  166. Multiple HTTP Smuggling reports to Internet Bug Bounty - 20 upvotes, $0
  167. CVE-2024-27351: Potential regular expression denial-of-service in django.utils.text.Truncator.words() to Internet Bug Bounty - 20 upvotes, $0
  168. ActionView sanitize helper bypass with style and math to Internet Bug Bounty - 20 upvotes, $0
  169. important: Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows (CVE-2024-40898) to Internet Bug Bounty - 19 upvotes, $4263
  170. moderate: Apache HTTP Server: HTTP response splitting (CVE-2023-38709) to Internet Bug Bounty - 19 upvotes, $2600
  171. Privilege Escalation at Apache Airflow 2.5.1 to Internet Bug Bounty - 19 upvotes, $2400
  172. [CVE-2024-35176] DoS vulnerability in REXML to Internet Bug Bounty - 19 upvotes, $2142
  173. CVE-2023-42780: Apache Airflow: Improper access control vulnerability in the "List dag warnings" feature to Internet Bug Bounty - 19 upvotes, $540
  174. CVE-2022-27775: Bad local IPv6 connection reuse to Internet Bug Bounty - 19 upvotes, $480
  175. GNU Bourne-Again Shell (Bash) 'Shellshock' Vulnerability to Internet Bug Bounty - 19 upvotes, $0
  176. CVE-2022-45402: Apache Airflow: Open redirect during login to Internet Bug Bounty - 19 upvotes, $0
  177. ActionView sanitize helper bypass with style to Internet Bug Bounty - 19 upvotes, $0
  178. [CVE-2025-27219] Denial of Service in CGI::Cookie.parse to Internet Bug Bounty - 19 upvotes, $0
  179. Use of Cryptographically Weak Pseudo-Random Number Generator in WebCrypto keygen to Internet Bug Bounty - 18 upvotes, $4000
  180. CVE-2024-45230 - Potential denial-of-service in django.utils.html.urlize() (Another pattern) to Internet Bug Bounty - 18 upvotes, $2162
  181. Argo CD reconciles apps outside configured namespaces when sharding is enabled to Internet Bug Bounty - 18 upvotes, $2000
  182. SPDY memory corruption to Internet Bug Bounty - 18 upvotes, $0
  183. [CVE-2018-18312] regcomp: heap-buffer-overflow write / reg_node overrun to Internet Bug Bounty - 18 upvotes, $0
  184. Buffer Overflow in ext_lm_group_acl helper to Internet Bug Bounty - 18 upvotes, $0
  185. Possible DoS by memory exhaustion in net/imap to Internet Bug Bounty - 18 upvotes, $0
  186. mod_userdir CRLF injection (CVE-2016-4975) to Internet Bug Bounty - 17 upvotes, $500
  187. Leak of sensitive values to Airflow rendered template to Internet Bug Bounty - 17 upvotes, $480
  188. Flash “local-with-filesystem” Bypass in navigateToURL to Internet Bug Bounty - 17 upvotes, $0
  189. Squid as reverse proxy RCE and data leak to Internet Bug Bounty - 17 upvotes, $0
  190. Node.js - DLL Hijacking on Windows to Internet Bug Bounty - 17 upvotes, $0
  191. Secrets can be unmasked in the "Rendered Template" to Internet Bug Bounty - 17 upvotes, $0
  192. CVE-2024-3416: MTU of 4096 or greater without fragmentation may cause NGINX worker processes to leak previously freed memory to Internet Bug Bounty - 16 upvotes, $2600
  193. moderate: Apache HTTP Server proxy encoding problem (CVE-2024-38473) to Internet Bug Bounty - 16 upvotes, $2600
  194. LZMADecompressor.decompress Use After Free to Internet Bug Bounty - 16 upvotes, $1500
  195. efree() on uninitialized Heap data in imagescale leads to use-after-free to Internet Bug Bounty - 16 upvotes, $1500
  196. PHP openssl_x509_parse() Memory Corruption Vulnerability to Internet Bug Bounty - 16 upvotes, $0
  197. PHP Session Data Injection Vulnerability to Internet Bug Bounty - 16 upvotes, $0
  198. Disabling context isolation, nodeIntegrationInSubFrames using an unauthorised frame. to Internet Bug Bounty - 16 upvotes, $0
  199. Pickle deserialization vulnerability in XComs to Internet Bug Bounty - 16 upvotes, $0
  200. ReDoS (Rails::Html::PermitScrubber.scrub_attribute) to Internet Bug Bounty - 15 upvotes, $4000
  201. CVE-2022-23520: Incomplete fix for CVE-2022-32209 (XSS in Rails::Html::Sanitizer under certain configurations) to Internet Bug Bounty - 15 upvotes, $2400
  202. Two out-of-bounds array reads in Python AST builder (Re-opening 520612 with CVEs) to Internet Bug Bounty - 15 upvotes, $2000
  203. CVE-2021-3711: SM2 decrypt buffer overflow to Internet Bug Bounty - 15 upvotes, $2000
  204. HTTP Request Smuggling Due to Incorrect Parsing of Header Fields to Internet Bug Bounty - 15 upvotes, $1800
  205. HTTP Request Smuggling via Empty headers separated by CR to Internet Bug Bounty - 15 upvotes, $1800
  206. Use-after-free in XML::LibXML::Node::replaceChild to Internet Bug Bounty - 15 upvotes, $0
  207. DoS for HTTP/2 connections by crafted requests (CVE-2018-1333) to Internet Bug Bounty - 15 upvotes, $0
  208. Basic Authentication Heap Overflow to Internet Bug Bounty - 15 upvotes, $0
  209. OAUTH2 bearer not-checked for connection re-use to Internet Bug Bounty - 15 upvotes, $0
  210. POST following PUT confusion to Internet Bug Bounty - 14 upvotes, $2400
  211. CVE-2024-38875: Denial-Of-Service through uncontrolled resource consumption caused by poor time complexity of strip_punctuation. to Internet Bug Bounty - 14 upvotes, $2142
  212. CVE-2022-21831: Possible code injection vulnerability in Rails / Active Storage to Internet Bug Bounty - 14 upvotes, $2000
  213. CVE-2023-23919: Multiple OpenSSL error handling issues in nodejs crypto library to Internet Bug Bounty - 14 upvotes, $1800
  214. chain.setstate Type Confusion to Internet Bug Bounty - 14 upvotes, $1000
  215. [CVE-2018-6913] heap-buffer-overflow in S_pack_rec to Internet Bug Bounty - 14 upvotes, $1000
  216. php curl ext size_t overflow lead to heap corruption to Internet Bug Bounty - 14 upvotes, $1000
  217. Critical vulnerability in JSON Web Encryption (JWE) - RFC 7516 Invalid Curve attack to Internet Bug Bounty - 14 upvotes, $1000
  218. Unsafe arithmetic in PyString_DecodeEscape to Internet Bug Bounty - 14 upvotes, $500
  219. Use-After-Free / Double-Free in WDDX Deserialize to Internet Bug Bounty - 14 upvotes, $500
  220. wddx_deserialize use-after-free to Internet Bug Bounty - 14 upvotes, $500
  221. SPDY heap buffer overflow to Internet Bug Bounty - 14 upvotes, $0
  222. TLS Triple Handshake Attack to Internet Bug Bounty - 14 upvotes, $0
  223. urllib HTTP header injection CVE-2016-5699 to Internet Bug Bounty - 14 upvotes, $0
  224. CVE-2019-5736: Escape from Docker and Kubernetes containers to root on host to Internet Bug Bounty - 14 upvotes, $0
  225. Race condition in Flash workers may cause an exploitable double free to Internet Bug Bounty - 14 upvotes, $0
  226. Fragmentation and Aggregation Flaws in Wi-Fi to Internet Bug Bounty - 14 upvotes, $0
  227. Cache Poisoning to Internet Bug Bounty - 14 upvotes, $0
  228. CVE-2022-32213 - HTTP Request Smuggling Due to Flawed Parsing of Transfer-Encoding to Internet Bug Bounty - 13 upvotes, $1800
  229. Type confusion in partial.setstate, partial_repr, partial_call leads to memory corruption, reliable control flow hijack to Internet Bug Bounty - 13 upvotes, $1000
  230. IP-in-IP protocol routes arbitrary traffic by default - CVE-2020-10136 to Internet Bug Bounty - 13 upvotes, $750
  231. Windows builds with insecure path defaults (CVE-2019-1552) to Internet Bug Bounty - 13 upvotes, $500
  232. Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800) to Internet Bug Bounty - 13 upvotes, $0
  233. heap-buffer-overflow (READ of size 48) in exif_read_data() to Internet Bug Bounty - 13 upvotes, $0
  234. CVE-2018-12882: heap-use-after-free in PHP 7.2 through 7.2.6, possible 7.2.7 to Internet Bug Bounty - 13 upvotes, $0
  235. Cross-site information assertion leak via Content Security Policy to Internet Bug Bounty - 13 upvotes, $0
  236. null pointer dereference in imap_mail to Internet Bug Bounty - 13 upvotes, $0
  237. Uncovering file quarantine and UX security issues in macOS apps ( .terminal, .fileloc and .url) to Internet Bug Bounty - 13 upvotes, $0
  238. Rails::Html::SafeListSanitizer vulnerable to xss attack in an environment that allows the style tag to Internet Bug Bounty - 12 upvotes, $2400
  239. UAF in OpenSSL up to 3.0.7 to Internet Bug Bounty - 12 upvotes, $2400
  240. php mcrypt ext - Incorrect casting from size_t to int lead to heap overflow in mdecrypt_generic to Internet Bug Bounty - 12 upvotes, $1000
  241. tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c to Internet Bug Bounty - 12 upvotes, $500
  242. CVE-2023-27536: GSS delegation too eager connection re-use to Internet Bug Bounty - 12 upvotes, $480
  243. CVE-2023-27538: SSH connection too eager reuse still to Internet Bug Bounty - 12 upvotes, $480
  244. HTTP MitM on Flash Player settings manager allows attacker to set sandbox settings to Internet Bug Bounty - 12 upvotes, $0
  245. Memory corruption when parsing a hostile PHAR archive to Internet Bug Bounty - 12 upvotes, $0
  246. Heapoverflow in zipimporter module to Internet Bug Bounty - 12 upvotes, $0
  247. Squid leaks previous content from reusable buffer to Internet Bug Bounty - 12 upvotes, $0
  248. CVE-2022-42916: HSTS bypass via IDN to Internet Bug Bounty - 12 upvotes, $0
  249. Electron CVE-2022-35954 Delimiter Injection Vulnerability in exportVariable to Internet Bug Bounty - 12 upvotes, $0
  250. CVE-2022-27782: TLS and SSH connection too eager reuse to Internet Bug Bounty - 11 upvotes, $2400
  251. CVE-2022-27778: curl removes wrong file on error to Internet Bug Bounty - 11 upvotes, $2400
  252. Authenticated but unauthorized users may enumerate Application names via the API to Internet Bug Bounty - 11 upvotes, $2400
  253. Internet-based attacker can run Flash apps in local sandboxes by using special URL schemes (PSIRT-3299, CVE-2015-3079) to Internet Bug Bounty - 11 upvotes, $2000
  254. CVE-2022-32214 - HTTP Request Smuggling Due To Improper Delimiting of Header Fields to Internet Bug Bounty - 11 upvotes, $1800
  255. [CVE-2020-27194] Linux kernel: eBPF verifier bug in or binary operation tracking function leads to LPE to Internet Bug Bounty - 11 upvotes, $750
  256. CVE-2022-32208: FTP-KRB bad message verification to Internet Bug Bounty - 11 upvotes, $480
  257. rubygems.org Batching attack to confirmation_token by bypass rate limit to Internet Bug Bounty - 11 upvotes, $480
  258. CVE-2023-27533: TELNET option IAC injection to Internet Bug Bounty - 11 upvotes, $480
  259. Use After Free Vulnerability in PHP's GC algorithm and unserialize to Internet Bug Bounty - 11 upvotes, $0
  260. ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize to Internet Bug Bounty - 11 upvotes, $0
  261. Apache HTTP Request Parsing Whitespace Defects to Internet Bug Bounty - 11 upvotes, $0
  262. Heap Buffer Overflow (READ: 1786) in exif_iif_add_value to Internet Bug Bounty - 11 upvotes, $0
  263. Heap Use After Free Read in unserialize() to Internet Bug Bounty - 11 upvotes, $0
  264. Industry-Wide MITM Vulnerability Impacting the JVM Ecosystem to Internet Bug Bounty - 11 upvotes, $0
  265. Exim off-by-one RCE vulnerability to Internet Bug Bounty - 11 upvotes, $0
  266. CVE-2017-13008 The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements(). to Internet Bug Bounty - 11 upvotes, $0
  267. CVE-2022-35260: .netrc parser out-of-bounds access to Internet Bug Bounty - 11 upvotes, $0
  268. CRLF Injection in Nodejs ‘undici’ via host to Internet Bug Bounty - 10 upvotes, $600
  269. cURL / libcURL - CVE-2016-8624 invalid URL parsing with '#' to Internet Bug Bounty - 10 upvotes, $500
  270. Improper handling of Chunked data request in sapi_apache2.c leads to Reflected XSS to Internet Bug Bounty - 10 upvotes, $500
  271. CVE-2023-27534: SFTP path ~ resolving discrepancy to Internet Bug Bounty - 10 upvotes, $480
  272. TLS heartbeat read overrun to Internet Bug Bounty - 10 upvotes, $0
  273. Linux kernel: CVE-2017-7308: a signedness issue in AF_PACKET sockets to Internet Bug Bounty - 10 upvotes, $0
  274. rpcbind "rpcbomb" CVE-2017-8779, CVE-2017-8804 to Internet Bug Bounty - 10 upvotes, $0
  275. [CVE-2020-10543] Buffer overflow caused by a crafted regular expression to Internet Bug Bounty - 10 upvotes, $0
  276. Buffer Overflow in smblib.c to Internet Bug Bounty - 10 upvotes, $0
  277. The Host Authorization middleware in Action Pack is vulnerable to crafted X-Forwarded-Host values to Internet Bug Bounty - 10 upvotes, $0
  278. CVE-2022-30115: HSTS bypass via trailing dot to Internet Bug Bounty - 10 upvotes, $0
  279. CVE-2022-43551: Another HSTS bypass via IDN to Internet Bug Bounty - 10 upvotes, $0
  280. CVE-2023-28322: more POST-after-PUT confusion to Internet Bug Bounty - 10 upvotes, $0
  281. Time-of-check to time-of-use vulnerability in the std::fs::remove_dir_all() function of the Rust standard library to Internet Bug Bounty - 9 upvotes, $4000
  282. Rack CVE-2022-30122: Denial of Service Vulnerability in Rack Multipart Parsing to Internet Bug Bounty - 9 upvotes, $2400
  283. potential denial of service attack via the locale parameter to Internet Bug Bounty - 9 upvotes, $2400
  284. "urllib" will result to deny of service to Internet Bug Bounty - 9 upvotes, $240
  285. XML hash collision DoS vulnerability in Python's xml.etree module to Internet Bug Bounty - 9 upvotes, $0
  286. Linux kernel: CVE-2017-1000112: a memory corruption due to UFO to non-UFO path switch to Internet Bug Bounty - 9 upvotes, $0
  287. Mercurial git subrepo lead to arbritary command injection to Internet Bug Bounty - 9 upvotes, $0
  288. Read beyond bounds via ap_rwrite() [zhbug_httpd_47.2] to Internet Bug Bounty - 9 upvotes, $0
  289. CVE-2022-32206: HTTP compression denial of service to Internet Bug Bounty - 8 upvotes, $2400
  290. Airflow Daemon Mode Insecure Umask Privilege Escalation to Internet Bug Bounty - 8 upvotes, $2400
  291. Flash Player information disclosure (etc.) CVE-2015-3044, PSIRT-3298 to Internet Bug Bounty - 8 upvotes, $2000
  292. Out of Bounds Memory Read in php_jpg_get16 to Internet Bug Bounty - 8 upvotes, $1500
  293. Use after free and out of bounds read in xmlrpc_decode() to Internet Bug Bounty - 8 upvotes, $1500
  294. Potential infinite loop in gdImageCreateFromGifCtx! to Internet Bug Bounty - 8 upvotes, $500
  295. CVE-2023-23915: HSTS amnesia with --parallel to Internet Bug Bounty - 8 upvotes, $480
  296. CVE-2023-23914: HSTS ignored on multiple requests to Internet Bug Bounty - 8 upvotes, $480
  297. CVE-2023-25692: Apache Airflow Google Provider: Google Cloud Sql Provider Denial Of Service and Remote Command Execution to Internet Bug Bounty - 8 upvotes, $480
  298. Optionsbleed / CVE-2017-9798 to Internet Bug Bounty - 8 upvotes, $100
  299. PHP Heap Overflow Vulnerability in imagecrop() to Internet Bug Bounty - 8 upvotes, $0
  300. Flash type confusion vulnerability leads to code execution to Internet Bug Bounty - 8 upvotes, $0
  301. Linux kernel: CVE-2017-6074: DCCP double-free vulnerability to Internet Bug Bounty - 8 upvotes, $0
  302. ChaCha20-Poly1305 with long nonces to Internet Bug Bounty - 8 upvotes, $0
  303. Use After Free Vulnerability in SNMP with GC and unserialize() to Internet Bug Bounty - 8 upvotes, $0
  304. CVE-2022-27780: percent-encoded path separator in URL host to Internet Bug Bounty - 8 upvotes, $0
  305. CVE-2022-35252: control code in cookie denial of service to Internet Bug Bounty - 8 upvotes, $0
  306. libcurl: freeing stack buffer during x509 certificate parsing to Internet Bug Bounty - 8 upvotes, $0
  307. CVE-2022-32207: Unpreserved file permissions to Internet Bug Bounty - 7 upvotes, $2400
  308. Inadequate Encryption Strength in nodejs-current reads openssl.cnf from /home/iojs/build/... upon startup on MacOS to Internet Bug Bounty - 7 upvotes, $2400
  309. Apache Airflow Google Cloud Sql Provider Remote Command Execution to Internet Bug Bounty - 7 upvotes, $2400
  310. linkinfo - openbasedir bypass on Windows PHP to Internet Bug Bounty - 7 upvotes, $500
  311. [bower] Arbitrary File Write through improper validation of symlinks while package extraction to Internet Bug Bounty - 7 upvotes, $500
  312. Out-of-Bound Read in phar_parse_zipfile() to Internet Bug Bounty - 7 upvotes, $500
  313. Illegal write/read access caused by gdImageAALine overflow to Internet Bug Bounty - 7 upvotes, $500
  314. memory corruption in wordwrap function to Internet Bug Bounty - 7 upvotes, $500
  315. integer overflow in imap_binary caused heap corruption to Internet Bug Bounty - 7 upvotes, $500
  316. heap overflow in substr_replace to Internet Bug Bounty - 7 upvotes, $500
  317. CVE-2023-28320 - siglongjmp race condition to Internet Bug Bounty - 7 upvotes, $480
  318. Out of bound read in exif_process_IFD_in_MAKERNOTE to Internet Bug Bounty - 7 upvotes, $0
  319. SSLv2 doesn't block disabled ciphers (CVE-2015-3197) to Internet Bug Bounty - 7 upvotes, $0
  320. Malformed SHA512 ticket DoS (CVE-2016-6302) to Internet Bug Bounty - 7 upvotes, $0
  321. read outside of buffer (heap buffer overflow) in S_regmatch - regexec.c:6057 to Internet Bug Bounty - 7 upvotes, $0
  322. ntpd: read_mru_list() does inadequate incoming packet checks to Internet Bug Bounty - 7 upvotes, $0
  323. heap-buffer-overflow (WRITE of size 8) in Perl_pp_reverse() to Internet Bug Bounty - 7 upvotes, $0
  324. Client DoS due to large DH parameter (CVE-2018-0732) to Internet Bug Bounty - 7 upvotes, $0
  325. Heap Use After Free in unserialize() to Internet Bug Bounty - 7 upvotes, $0
  326. Out of Bounds Memory Read in unserialize() to Internet Bug Bounty - 7 upvotes, $0
  327. [CVE-2018-18313] regcomp: heap-buffer-overflow read in S_grok_bslash_N to Internet Bug Bounty - 7 upvotes, $0
  328. libtiff 4.0.6 heap bufer overflow / out of bounds read (CVE-2016-9273) to Internet Bug Bounty - 7 upvotes, $0
  329. CVE-2017-12986 The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print(). to Internet Bug Bounty - 7 upvotes, $0
  330. Format string implementation vulnerability, resulting in code execution to Internet Bug Bounty - 7 upvotes, $0
  331. tcpdump: CVE-2018-14879 - buffer overflow in tcpdump.c:get_next_file() to Internet Bug Bounty - 7 upvotes, $0
  332. Dragonblood: Design and Implementation Flaws in WPA3 and EAP-pwd to Internet Bug Bounty - 7 upvotes, $0
  333. heap buffer overflow in phar_detect_phar_fname_ext to Internet Bug Bounty - 7 upvotes, $0
  334. Several protocol parsers in before 4.9.2 could cause a buffer overflow in util-print.c:bittok2str_internal() to Internet Bug Bounty - 7 upvotes, $0
  335. The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print() to Internet Bug Bounty - 7 upvotes, $0
  336. Ruby's CGI library has HTTP response splitting (HTTP header injection), leaking confidential information to Internet Bug Bounty - 7 upvotes, $0
  337. open redirect in rfc6749 to Internet Bug Bounty - 6 upvotes, $3000
  338. Handling of jar: URIs bypasses AllowScriptAccess=never to Internet Bug Bounty - 6 upvotes, $2000
  339. CVE-2022-32215 - HTTP Request Smuggling Due to Incorrect Parsing of Multi-line Transfer-Encoding to Internet Bug Bounty - 6 upvotes, $1800
  340. Out of bounds memory read in unserialize() to Internet Bug Bounty - 6 upvotes, $500
  341. Urllib connects to a wrong host to Internet Bug Bounty - 6 upvotes, $500
  342. Inappropriately parsing HTTP response leads to PHP segment fault! to Internet Bug Bounty - 6 upvotes, $500
  343. integer overflow in fgetcsv caused heap corruption to Internet Bug Bounty - 6 upvotes, $500
  344. CVE-2022-32205: Set-Cookie denial of service to Internet Bug Bounty - 6 upvotes, $480
  345. Flash local-with-fileaccess Sandbox Bypass to Internet Bug Bounty - 6 upvotes, $0
  346. Double-free in X509 parsing to Internet Bug Bounty - 6 upvotes, $0
  347. Remote client memory corruption in ssl_add_clienthello_tlsext() to Internet Bug Bounty - 6 upvotes, $0
  348. DoS vulnerability in mod_auth_digest CVE-2016-2161 to Internet Bug Bounty - 6 upvotes, $0
  349. heap-buffer-overflow (READ of size 61) in Perl_re_intuit_start() to Internet Bug Bounty - 6 upvotes, $0
  350. libtiff 4.0.6 segfault / read outside of buffer (CVE-2016-9297) to Internet Bug Bounty - 6 upvotes, $0
  351. Type Confusion in WDDX Packet Deserialization to Internet Bug Bounty - 6 upvotes, $0
  352. Integer Overflow in php_html_entities() to Internet Bug Bounty - 6 upvotes, $0
  353. Integer Overflow in Length of String-typed ZVAL to Internet Bug Bounty - 6 upvotes, $0
  354. Use-after-free in PHP7's unserialize() to Internet Bug Bounty - 6 upvotes, $0
  355. Uninitialized Thumbail Data Leads To Memory Leakage in exif_process_IFD_in_TIFF to Internet Bug Bounty - 6 upvotes, $0
  356. Exim use-after-free vulnerability while reading mail header involving BDAT commands to Internet Bug Bounty - 6 upvotes, $0
  357. RCE on default Ubuntu Desktop >= 12.10 Quantal to Internet Bug Bounty - 6 upvotes, $0
  358. Invalid Read on exif_process_SOFn to Internet Bug Bounty - 6 upvotes, $0
  359. Ruby - Regular Expression Denial of Service Vulnerability of Date Parsing Methods to Internet Bug Bounty - 6 upvotes, $0
  360. Buffer Overflow in optimized_escape_html method to Internet Bug Bounty - 6 upvotes, $0
  361. Read and write beyond bounds in mod_sed to Internet Bug Bounty - 6 upvotes, $0
  362. CVE-2022-35948: CRLF Injection in Nodejs ‘undici’ via Content-Type to Internet Bug Bounty - 6 upvotes, $0
  363. Adobe Flash Player Race Condition Vulnerability to Internet Bug Bounty - 5 upvotes, $2000
  364. Undici ProxyAgent vulnerable to MITM to Internet Bug Bounty - 5 upvotes, $1000
  365. pass2_no_dither out-of-bounds access to Internet Bug Bounty - 5 upvotes, $500
  366. integer overflow in curl_escape caused heap corruption to Internet Bug Bounty - 5 upvotes, $500
  367. integer overflow in pg_escape_bytea caused heap corruption to Internet Bug Bounty - 5 upvotes, $500
  368. integer overflow in pg_escape_string caused heap corruption to Internet Bug Bounty - 5 upvotes, $500
  369. integer overflow in php_uuencode caused heap corruption to Internet Bug Bounty - 5 upvotes, $500
  370. Integer overflow lead to heap corruption in sql_regcase to Internet Bug Bounty - 5 upvotes, $500
  371. integer overflow in bzdecompress caused heap corruption to Internet Bug Bounty - 5 upvotes, $500
  372. Flash double free vulnerability leads to code execution to Internet Bug Bounty - 5 upvotes, $0
  373. Flash Sandbox Bypass to Internet Bug Bounty - 5 upvotes, $0
  374. Bypassing Same Origin Policy With JSONP APIs and Flash to Internet Bug Bounty - 5 upvotes, $0
  375. Flash Local Sandbox Bypass to Internet Bug Bounty - 5 upvotes, $0
  376. Race condition in workers may cause an exploitable double free by abusing bytearray.compress() to Internet Bug Bounty - 5 upvotes, $0
  377. FREAK: Factoring RSA_EXPORT Keys to Impersonate TLS Servers to Internet Bug Bounty - 5 upvotes, $0
  378. Type Confusion Vulnerability in SoapClient to Internet Bug Bounty - 5 upvotes, $0
  379. CVE-2016-2177 Undefined pointer arithmetic in SSL code to Internet Bug Bounty - 5 upvotes, $0
  380. CVE-2017-3730: Bad (EC)DHE parameters cause a client crash to Internet Bug Bounty - 5 upvotes, $0
  381. OCSP Status Request extension unbounded memory growth (CVE-2016-6304) to Internet Bug Bounty - 5 upvotes, $0
  382. OOB write in BN_bn2dec() (CVE-2016-2182) to Internet Bug Bounty - 5 upvotes, $0
  383. OOB write in MDC2_Update() (CVE-2016-6303) to Internet Bug Bounty - 5 upvotes, $0
  384. Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308) to Internet Bug Bounty - 5 upvotes, $0
  385. Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307) to Internet Bug Bounty - 5 upvotes, $0
  386. Certificate message OOB reads (CVE-2016-6306) to Internet Bug Bounty - 5 upvotes, $0
  387. OOB read in TS_OBJ_print_bio() (CVE-2016-2180) to Internet Bug Bounty - 5 upvotes, $0
  388. heap-buffer-overflow (READ of size 11) in Perl 5.25.x to Internet Bug Bounty - 5 upvotes, $0
  389. Unsecure: Bypass alerts of Little Flocker / Little Snitch / HandsOff! / BlockBlock (same concept can be applied to other security tools) to Internet Bug Bounty - 5 upvotes, $0
  390. heap-buffer-overflow (buffer read overrun) in curl: ourWriteOut() src/tool_writeout.c:115 to Internet Bug Bounty - 5 upvotes, $0
  391. CVE-2017-1000101: cURL: URL globbing out of bounds read to Internet Bug Bounty - 5 upvotes, $0
  392. CVE-2017-5341 The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print() to Internet Bug Bounty - 5 upvotes, $0
  393. CVE-2017-5484 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print() to Internet Bug Bounty - 5 upvotes, $0
  394. Integer Overflow in addcslashes()/addslashes() to Internet Bug Bounty - 5 upvotes, $0
  395. Integer Overflow/Heap Overflow in json_encode()/json_decode() to Internet Bug Bounty - 5 upvotes, $0
  396. Use After Free Vulnerability in array_walk()/array_walk_recursive() to Internet Bug Bounty - 5 upvotes, $0
  397. Use After Free in PHP7 unserialize() to Internet Bug Bounty - 5 upvotes, $0
  398. Use-after-free in unserialize() to Internet Bug Bounty - 5 upvotes, $0
  399. Python 2.7 32-bit JSON encoding heap corruption to Internet Bug Bounty - 5 upvotes, $0
  400. CVE-2017-10966: Heap-use-after-free in Irssi <1.0.4 to Internet Bug Bounty - 5 upvotes, $0
  401. mod_remoteip stack buffer overflow and NULL pointer dereference to Internet Bug Bounty - 5 upvotes, $0
  402. Widespread failure of certificate validation in Android apps to Internet Bug Bounty - 5 upvotes, $0
  403. Malicious Server can force read any file on clients system with default configuration in MySQL Clients to Internet Bug Bounty - 5 upvotes, $0
  404. CVE-2016-7418 PHP Out-Of-Bounds Read in php_wddx_push_element to Internet Bug Bounty - 5 upvotes, $0
  405. Canonical Snapcraft vulnerable to remote code execution under certain conditions to Internet Bug Bounty - 5 upvotes, $0
  406. Read beyond bounds in ap_strcmp_match() [zhbug_httpd_47.7] to Internet Bug Bounty - 5 upvotes, $0
  407. Controllable read beyond bounds in lua_websocket_readbytes() [zhbug_httpd_126] to Internet Bug Bounty - 5 upvotes, $0
  408. Read beyond bounds in mod_isapi.c [zhbug_httpd_41] to Internet Bug Bounty - 5 upvotes, $0
  409. DoS via lua_read_body() [zhbug_httpd_94] to Internet Bug Bounty - 5 upvotes, $0
  410. CVE-2022-27781: CERTINFO never-ending busy-loop to Internet Bug Bounty - 5 upvotes, $0
  411. [CVE-2022-35949]: undici.request vulnerable to SSRF using absolute / protocol-relative URL on pathname to Internet Bug Bounty - 5 upvotes, $0
  412. HTTP multi-header compression denial of service to Internet Bug Bounty - 5 upvotes, $0
  413. CVE-2023-28755: ReDoS vulnerability in URI to Internet Bug Bounty - 5 upvotes, $0
  414. Adobe Flash Player FileReference Use-after-Free Vulnerability to Internet Bug Bounty - 4 upvotes, $7500
  415. Adobe Flash Player PSDK Class Use After Free Vulnerability to Internet Bug Bounty - 4 upvotes, $5000
  416. [Perl ENV Key Stack Buffer Overflow](https://hackerone.com/reports/272497) to Internet Bug Bounty - 4 upvotes, $1500
  417. OpenSSH / dropbearSSHd xauth command injection to Internet Bug Bounty - 4 upvotes, $1500
  418. imagecolormatch Out Of Bounds Write on Heap to Internet Bug Bounty - 4 upvotes, $1500
  419. Off-by-slash vulnerability in nodejs.org and iojs.org to Internet Bug Bounty - 4 upvotes, $1200
  420. CVE-2016-0772 - python: smtplib StartTLS stripping attack to Internet Bug Bounty - 4 upvotes, $1000
  421. SSL_peek() hang on empty record (CVE-2016-6305) to Internet Bug Bounty - 4 upvotes, $1000
  422. Type confusion in FutureIter_throw() which may potentially lead to an arbitrary code execution to Internet Bug Bounty - 4 upvotes, $500
  423. Invalid parameter in memcpy function trough openssl_pbkdf2 to Internet Bug Bounty - 4 upvotes, $500
  424. integer overflow in fgets cause heap corruption to Internet Bug Bounty - 4 upvotes, $500
  425. integer overflow in str_pad caused heap corruption to Internet Bug Bounty - 4 upvotes, $500
  426. integer overflow in php_ldap_do_escape caused heap corruption to Internet Bug Bounty - 4 upvotes, $500
  427. integer overflow in urlencode caused heap corruption to Internet Bug Bounty - 4 upvotes, $500
  428. integer overflow in quoted_printable_encode caused heap corruption to Internet Bug Bounty - 4 upvotes, $500
  429. integer overflow in base64_decode caused heap corruption to Internet Bug Bounty - 4 upvotes, $500
  430. Long filenames cause OOM and temp files are not cleaned to Internet Bug Bounty - 4 upvotes, $500
  431. CVE-2017-13041 The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print(). to Internet Bug Bounty - 4 upvotes, $500
  432. [CVE-2023-22799] Possible ReDoS based DoS vulnerability in GlobalID to Internet Bug Bounty - 4 upvotes, $480
  433. Integer overflow in strop.expandtabs to Internet Bug Bounty - 4 upvotes, $0
  434. chrome allows POST requests with custom headers using flash + 307 redirect to Internet Bug Bounty - 4 upvotes, $0
  435. Use after free vulnerability in unserialize() with DateTimeZone to Internet Bug Bounty - 4 upvotes, $0
  436. Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER to Internet Bug Bounty - 4 upvotes, $0
  437. Module ngx_http_auth_basic_module is broken and allowing all password after specific length to Internet Bug Bounty - 4 upvotes, $0
  438. Divide-and-conquer session key recovery in SSLv2 (CVE-2016-0703) to Internet Bug Bounty - 4 upvotes, $0
  439. Heap overflow caused by type confusion vulnerability in merge_param() to Internet Bug Bounty - 4 upvotes, $0
  440. Out of bounds read in libcurl's IMAP FETCH response parser to Internet Bug Bounty - 4 upvotes, $0
  441. CVE-2019-0196: mod_http2 with scoreboard Use-After-Free (Read) to Internet Bug Bounty - 4 upvotes, $0
  442. Silent omission of certificate hostname verification in LibreSSL and BoringSSL to Internet Bug Bounty - 4 upvotes, $0
  443. pngcrush double-free/segfault could result in DoS (CVE-2015-7700) to Internet Bug Bounty - 4 upvotes, $0
  444. Use after free with assign by ref to overloaded objects to Internet Bug Bounty - 4 upvotes, $0
  445. Denial of service in libxml2, using malicious lzma file to consume available system memory to Internet Bug Bounty - 4 upvotes, $0
  446. CVE-2017-11367: Global buffer overflow (READ of size 4) in shoco C library to Internet Bug Bounty - 4 upvotes, $0
  447. CVE-2017-13009 The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print(). to Internet Bug Bounty - 4 upvotes, $0
  448. CVE-2017-13010 The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart(). to Internet Bug Bounty - 4 upvotes, $0
  449. Integer Overflow in php_raw_url_encode to Internet Bug Bounty - 4 upvotes, $0
  450. Multiple Heap Overflows in php_raw_url_encode/php_url_encode to Internet Bug Bounty - 4 upvotes, $0
  451. Integer Overflow in SplFileObject::fread to Internet Bug Bounty - 4 upvotes, $0
  452. Integer Overflow in nl2br() to Internet Bug Bounty - 4 upvotes, $0
  453. Use After Free in unserialize() with Unexpected Session Deserialization to Internet Bug Bounty - 4 upvotes, $0
  454. Use After Free/Double Free in Garbage Collection to Internet Bug Bounty - 4 upvotes, $0
  455. Use After Free Vulnerability in unserialize() to Internet Bug Bounty - 4 upvotes, $0
  456. Create an Unexpected Object and Don't Invoke __wakeup() in During Deserialization to Internet Bug Bounty - 4 upvotes, $0
  457. Memory Corruption in During Deserialized-object Destruction to Internet Bug Bounty - 4 upvotes, $0
  458. NULL Pointer Dereference in WDDX Packet Deserialization with PDORow to Internet Bug Bounty - 4 upvotes, $0
  459. Use-after-free in ArrayObject Deserialization to Internet Bug Bounty - 4 upvotes, $0
  460. Use After Free in unserialize() to Internet Bug Bounty - 4 upvotes, $0
  461. Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization to Internet Bug Bounty - 4 upvotes, $0
  462. Two vulnerability in GNU binutils to Internet Bug Bounty - 4 upvotes, $0
  463. memory allocator fails to realloc small block to large one to Internet Bug Bounty - 4 upvotes, $0
  464. Heap-buffer-overflow in Perl__byte_dump_string (utf8.c) could lead to memory leak to Internet Bug Bounty - 4 upvotes, $0
  465. Memory Leakage In exif_process_IFD_in_TIFF (CVE-2016-7128) to Internet Bug Bounty - 4 upvotes, $0
  466. Incorrect logic in MySQL & MariaDB protocol leads to remote SSRF/Remote file read to Internet Bug Bounty - 4 upvotes, $0
  467. PHP Integer Overflow in gdImageWebpCtx to Internet Bug Bounty - 4 upvotes, $0
  468. Use of uninitialized value in ftp_getrc_msg method of mod_proxy_ftp.c to Internet Bug Bounty - 4 upvotes, $0
  469. CVE-2017-13050: The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print() to Internet Bug Bounty - 4 upvotes, $0
  470. Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting (CVE-2023-27522) to Internet Bug Bounty - 4 upvotes, $0
  471. Security Unfavorable Specifications and Implementations in the CGI::Cookie Class to Internet Bug Bounty - 4 upvotes, $0
  472. CVE-2023-28321: IDN wildcard match to Internet Bug Bounty - 4 upvotes, $0
  473. User credentials leak and arbitrary local file read/leak due to same-origin-policy violation to Internet Bug Bounty - 3 upvotes, $3000
  474. Same Origin Security Bypass Vulnerability to Internet Bug Bounty - 3 upvotes, $2000
  475. Security bypass could lead to information disclosure to Internet Bug Bounty - 3 upvotes, $2000
  476. Adobe Flash Player MP4 Use-After-Free Vulnerability to Internet Bug Bounty - 3 upvotes, $2000
  477. Integer overflow in ZipArchive::getFrom* to Internet Bug Bounty - 3 upvotes, $1500
  478. Heap overflow in utf32be_mbc_to_code to Internet Bug Bounty - 3 upvotes, $1500
  479. Out of Bounds Memory Read in exif_process_user_comment to Internet Bug Bounty - 3 upvotes, $1500
  480. Invalid handling of X509_verify_cert() internal errors in libssl (CVE-2021-4044) to Internet Bug Bounty - 3 upvotes, $1200
  481. Perl 5.22 VDir::MapPathA/W Out-of-bounds Reads and Buffer Over-reads to Internet Bug Bounty - 3 upvotes, $1000
  482. php_snmp_error() Format String Vulnerability to Internet Bug Bounty - 3 upvotes, $1000
  483. SEH buffer overflow msgfmt_format_message to Internet Bug Bounty - 3 upvotes, $1000
  484. Uninitialized pointer in phar_make_dirstream() to Internet Bug Bounty - 3 upvotes, $1000
  485. Heap corruption in tar/zip/phar parser to Internet Bug Bounty - 3 upvotes, $1000
  486. CVE-2020-9383 Floppy OOB read to Internet Bug Bounty - 3 upvotes, $750
  487. Uncontrolled Resource Consumption with XMPP-Layer Compression to Internet Bug Bounty - 3 upvotes, $500
  488. moderate: mod_deflate denial of service to Internet Bug Bounty - 3 upvotes, $500
  489. null pointer dereference in set_conversion_mode due uncheck _ctypes_conversion_errors to Internet Bug Bounty - 3 upvotes, $500
  490. crash in locale_compose() function to Internet Bug Bounty - 3 upvotes, $500
  491. integer overflow in preg_quote caused heap corruption to Internet Bug Bounty - 3 upvotes, $500
  492. Tcpdump before 4.9.3 has a buffer over-read in print-802_11.c (CVE-2018-16227) to Internet Bug Bounty - 3 upvotes, $500
  493. Tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option() (CVE-2018-16229) to Internet Bug Bounty - 3 upvotes, $500
  494. CVE-2017-13040 The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions. to Internet Bug Bounty - 3 upvotes, $500
  495. Possible DoS Vulnerability in Multipart MIME parsing in rack to Internet Bug Bounty - 3 upvotes, $480
  496. Multiple Python integer overflows to Internet Bug Bounty - 3 upvotes, $0
  497. Flash Cross Domain Policy Bypass by Using File Upload and Redirection - only in Chrome to Internet Bug Bounty - 3 upvotes, $0
  498. Use After Free Vulnerability in unserialize() to Internet Bug Bounty - 3 upvotes, $0
  499. Use after free vulnerability in unserialize() with DateInterval to Internet Bug Bounty - 3 upvotes, $0
  500. php_stream_url_wrap_http_ex() type-confusion vulnerability to Internet Bug Bounty - 3 upvotes, $0
  501. Use after free vulnerability in unserialize() with GMP to Internet Bug Bounty - 3 upvotes, $0
  502. Padding oracle in AES-NI CBC MAC check (CVE-2016-2107) to Internet Bug Bounty - 3 upvotes, $0
  503. Heap corruption via Python 2.7.11 IOBase readline() to Internet Bug Bounty - 3 upvotes, $0
  504. Buffer overflow in HTTP url parsing functions to Internet Bug Bounty - 3 upvotes, $0
  505. Buffer overflow in HTTP parse_hostinfo(), parse_userinfo() and parse_scheme() to Internet Bug Bounty - 3 upvotes, $0
  506. Use of uninitialized memory in unserialize() to Internet Bug Bounty - 3 upvotes, $0
  507. Mercurial can be tricked into granting authorized users access to the Python debugger to Internet Bug Bounty - 3 upvotes, $0
  508. pngcrush_measure_idat() off-by-one error (CVE-2015-2158) to Internet Bug Bounty - 3 upvotes, $0
  509. CVE-2017-5969: libxml2 when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) to Internet Bug Bounty - 3 upvotes, $0
  510. CVE-2017-10965: Null pointer dereference in Irssi <1.0.4 to Internet Bug Bounty - 3 upvotes, $0
  511. CVE-2017-5204: The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print() to Internet Bug Bounty - 3 upvotes, $0
  512. CVE-2017-13038 The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp(). to Internet Bug Bounty - 3 upvotes, $0
  513. CVE-2017-12858: Heap UAF in _zip_buffer_free() / Double free in _zip_dirent_read() to Internet Bug Bounty - 3 upvotes, $0
  514. Crash (DoS) when parsing a hostile TIFF to Internet Bug Bounty - 3 upvotes, $0
  515. Type Confusion in Object Deserialization to Internet Bug Bounty - 3 upvotes, $0
  516. external entity expansion in Apache POI to Internet Bug Bounty - 3 upvotes, $0
  517. mod_http2, memory corruption on early pushes (CVE-2019-10081) to Internet Bug Bounty - 3 upvotes, $0
  518. Out of bound when verify signature of tar phar in phar_parse_tarfile to Internet Bug Bounty - 3 upvotes, $0
  519. Out of bound when verify signature of zip phar in phar_parse_zipfile to Internet Bug Bounty - 3 upvotes, $0
  520. GarlicRust - heartbleed style vulnerability in major I2P C++ router implementations to Internet Bug Bounty - 3 upvotes, $0
  521. Exim handles BDAT data incorrectly and leads to crash/hang to Internet Bug Bounty - 3 upvotes, $0
  522. Roundcube virtualmin privilege escalation (CVE-2017-8114) to Internet Bug Bounty - 3 upvotes, $0
  523. CVE-2016-4796 OpenJPEG color_cmyk_to_rgb Out-of-Bounds Read Vulnerability to Internet Bug Bounty - 3 upvotes, $0
  524. CVE-2016-7163 OpenJPEG opj_pi_create_decode Integer Overflow Vulnerability to Internet Bug Bounty - 3 upvotes, $0
  525. Null Pointer Dereference in phar_create_or_parse_filename to Internet Bug Bounty - 3 upvotes, $0
  526. Heap buffer overflow vulnerability while processing a malformed TIFF file. to Internet Bug Bounty - 3 upvotes, $0
  527. CVE-2023-27537: HSTS double-free to Internet Bug Bounty - 3 upvotes, $0
  528. Adobe Flash Player Out-of-Bound Read/Write Vulnerability to Internet Bug Bounty - 2 upvotes, $5000
  529. OpenSSL Key Recovery Attack on DH small subgroups (CVE-2016-0701) to Internet Bug Bounty - 2 upvotes, $2500
  530. Adobe Flash Player MP4 Use-After-Free Vulnerability to Internet Bug Bounty - 2 upvotes, $2000
  531. Adobe Flash Player Out-of-Bound Access Vulnerability to Internet Bug Bounty - 2 upvotes, $2000
  532. Adobe Flash Player ShimAdPolicySelector(adPolicySelectorType=0) class Memory Corruption to Internet Bug Bounty - 2 upvotes, $2000
  533. Adobe Flash Player ShimContentResolver(resolverType=1) class Memory Corruption Vulnerability to Internet Bug Bounty - 2 upvotes, $2000
  534. Adobe Flash Player ShimContentResolver(resolverType=0) class Memory Corruption Vulnerability to Internet Bug Bounty - 2 upvotes, $2000
  535. Adobe Flash Player ShimContentResolver.configure Memory Corruption Vulnerability to Internet Bug Bounty - 2 upvotes, $2000
  536. Adobe Flash Player ShimContentFactory.retrieveResolvers Memory Corruption Vulnerability to Internet Bug Bounty - 2 upvotes, $2000
  537. Adobe Flash Player ShimContentFactory class Memory Corruption Vulnerability to Internet Bug Bounty - 2 upvotes, $2000
  538. Adobe Flash Player Metadata class Memory Corruption Vulnerability to Internet Bug Bounty - 2 upvotes, $2000
  539. Adobe Flash Player OpportunityGenerator class Memory Corruption Vulnerability to Internet Bug Bounty - 2 upvotes, $2000
  540. Adobe Flash Player ContentFactory class Memory Corruption Vulnerability to Internet Bug Bounty - 2 upvotes, $2000
  541. phar_tar_writeheaders_int() buffer overflow to Internet Bug Bounty - 2 upvotes, $1500
  542. Buffer over-write in finfo_open with malformed magic file. to Internet Bug Bounty - 2 upvotes, $1500
  543. Negative size parameter in mb_split to Internet Bug Bounty - 2 upvotes, $1500
  544. BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193) to Internet Bug Bounty - 2 upvotes, $1000
  545. imagegammacorrect allows arbitrary write access to Internet Bug Bounty - 2 upvotes, $1000
  546. Python 2.7 strop.replace Integer Overflow to Internet Bug Bounty - 2 upvotes, $500
  547. imagefilltoborder stackoverflow on truecolor images to Internet Bug Bounty - 2 upvotes, $500
  548. Write out-of-bounds at number_format to Internet Bug Bounty - 2 upvotes, $500
  549. memcpy negative parameter _bc_new_num_ex to Internet Bug Bounty - 2 upvotes, $500
  550. Out-of-bounds reads in zif_grapheme_stripos with negative offset to Internet Bug Bounty - 2 upvotes, $500
  551. imagecropauto out-of-bounds access to Internet Bug Bounty - 2 upvotes, $500
  552. wddx_deserialize null dereference in php_wddx_pop_element to Internet Bug Bounty - 2 upvotes, $500
  553. wddx_deserialize null dereference with invalid xml to Internet Bug Bounty - 2 upvotes, $500
  554. PHP INI Parsing Stack Buffer Overflow Vulnerability to Internet Bug Bounty - 2 upvotes, $500
  555. Out-Of-Bounds Read in timelib_meridian() to Internet Bug Bounty - 2 upvotes, $500
  556. PHP WDDX Deserialization Heap OOB Read in timelib_meridian() to Internet Bug Bounty - 2 upvotes, $500
  557. PHP OpenSSL zif_openssl_seal() heap overflow (wild memcpy) to Internet Bug Bounty - 2 upvotes, $500
  558. Multiple Heap Overflow due to integer overflows | xml/filter_url/addcslashes to Internet Bug Bounty - 2 upvotes, $500
  559. imap_rfc822_parse_headers GS Violation to Internet Bug Bounty - 2 upvotes, $500
  560. wddx_deserialize allows illegal memory access to Internet Bug Bounty - 2 upvotes, $500
  561. Use-after-free in _asyncio_Future_remove_done_callback to Internet Bug Bounty - 2 upvotes, $500
  562. Incorrect GC behavior in xxlimited could lead to use-after-free to Internet Bug Bounty - 2 upvotes, $500
  563. crash in gzcompress and 3 other compress functions to Internet Bug Bounty - 2 upvotes, $500
  564. php_snmp_parse_oid integer overflow in memory allocation to Internet Bug Bounty - 2 upvotes, $500
  565. ldap_escape could produce string larger than 2Gb to Internet Bug Bounty - 2 upvotes, $500
  566. integer overflow in recode_string caused heap corruption to Internet Bug Bounty - 2 upvotes, $500
  567. Heap BufferOver Flow in escapeshellargs and escapeshellcmd functions to Internet Bug Bounty - 2 upvotes, $500
  568. Arbitary Memory Read via gdImageRotateInterpolated Array Index Out of Bounds to Internet Bug Bounty - 2 upvotes, $500
  569. buffer overread in base64 code of the xmlrpc module to Internet Bug Bounty - 2 upvotes, $500
  570. OOB read in php_strip_tags_ex to Internet Bug Bounty - 2 upvotes, $500
  571. [CVE-2022-44570] Possible Denial of Service Vulnerability in Rack’s Range header parsing to Internet Bug Bounty - 2 upvotes, $480
  572. [CVE-2023-22796] Possible ReDoS based DoS vulnerability in Active Support’s underscore to Internet Bug Bounty - 2 upvotes, $480
  573. [CVE-2022-44572] Possible Denial of Service Vulnerability in Rack’s RFC2183 boundary parsing to Internet Bug Bounty - 2 upvotes, $480
  574. [CVE-2022-44571] Possible Denial of Service Vulnerability in Rack Content-Disposition parsing to Internet Bug Bounty - 2 upvotes, $480
  575. Multiple issues in looking-glass software (aka from web to BGP injections) to Internet Bug Bounty - 2 upvotes, $0
  576. mod_proxy_fcgi buffer overflow to Internet Bug Bounty - 2 upvotes, $0
  577. Misc Python bugs (Memory Corruption & Use After Free) to Internet Bug Bounty - 2 upvotes, $0
  578. Bad Write in TTF font parsing (win32k.sys) to Internet Bug Bounty - 2 upvotes, $0
  579. Heap overflow in H. Spencer’s regex library on 32 bit systems to Internet Bug Bounty - 2 upvotes, $0
  580. Segmentation fault for invalid PSS parameters to Internet Bug Bounty - 2 upvotes, $0
  581. Free called on uninitialized pointer in exif.c to Internet Bug Bounty - 2 upvotes, $0
  582. out of bounds read crashes php-cgi to Internet Bug Bounty - 2 upvotes, $0
  583. X509_to_X509_REQ NULL pointer deref to Internet Bug Bounty - 2 upvotes, $0
  584. Tokenizer crash when processing undecodable source code to Internet Bug Bounty - 2 upvotes, $0
  585. Multiple use after free bugs in element module to Internet Bug Bounty - 2 upvotes, $0
  586. Multiple use after free bugs in heapq module to Internet Bug Bounty - 2 upvotes, $0
  587. Multiple use after free bugs in json encoding to Internet Bug Bounty - 2 upvotes, $0
  588. Use after free in get_filter to Internet Bug Bounty - 2 upvotes, $0
  589. Multiple type confusions in unicode error handlers to Internet Bug Bounty - 2 upvotes, $0
  590. mod_lua: Crash in websockets PING handling to Internet Bug Bounty - 2 upvotes, $0
  591. Use After Free Vulnerability in unserialize() with SplDoublyLinkedList to Internet Bug Bounty - 2 upvotes, $0
  592. Use After Free Vulnerability in unserialize() with SplObjectStorage to Internet Bug Bounty - 2 upvotes, $0
  593. Use After Free Vulnerability in unserialize() to Internet Bug Bounty - 2 upvotes, $0
  594. Use After Free Vulnerability in session deserializer to Internet Bug Bounty - 2 upvotes, $0
  595. zend_throw_or_error() format string vulnerability to Internet Bug Bounty - 2 upvotes, $0
  596. Multiple Use After Free Vulnerabilities in unserialize() to Internet Bug Bounty - 2 upvotes, $0
  597. EVP_EncryptUpdate overflow (CVE-2016-2106) to Internet Bug Bounty - 2 upvotes, $0
  598. ASN.1 BIO excessive memory allocation (CVE-2016-2109) to Internet Bug Bounty - 2 upvotes, $0
  599. Null pointer deref (segfault) in stream_context_get_default to Internet Bug Bounty - 2 upvotes, $0
  600. NULL Pointer Dereference in exif_process_user_comment to Internet Bug Bounty - 2 upvotes, $0
  601. Integer overflow in eval trigger write out of bound to Internet Bug Bounty - 2 upvotes, $0
  602. CVE-2017-5342 In tcpdump before 4.9.0 a bug in multiple protocol parsers could cause a buffer overflow in print-ether.c:ether_print() to Internet Bug Bounty - 2 upvotes, $0
  603. CVE-2017-5482 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(). to Internet Bug Bounty - 2 upvotes, $0
  604. CVE-2017-12985: The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in ip6_print() to Internet Bug Bounty - 2 upvotes, $0
  605. Use After Free Vulnerability in WDDX Packet Deserialization to Internet Bug Bounty - 2 upvotes, $0
  606. Type Confusion Vulnerability in PHP_to_XMLRPC_worker() to Internet Bug Bounty - 2 upvotes, $0
  607. Session WDDX Packet Deserialization Type Confusion Vulnerability to Internet Bug Bounty - 2 upvotes, $0
  608. Multiple issues in Libxml2 (2.9.2 - 2.9.5) to Internet Bug Bounty - 2 upvotes, $0
  609. Integer overflow in wordwrap to Internet Bug Bounty - 2 upvotes, $0
  610. mod_http2, read-after-free in h2 connection shutdown (CVE-2019-10082) to Internet Bug Bounty - 2 upvotes, $0
  611. Heap Buffer Overflow to Internet Bug Bounty - 2 upvotes, $0
  612. Multiple use after frees in obj2ast_* methods to Internet Bug Bounty - 2 upvotes, $0
  613. stack buffer overflows in the curses module to Internet Bug Bounty - 2 upvotes, $0
  614. UAF in xmlparser_setevents (2) to Internet Bug Bounty - 2 upvotes, $0
  615. NULL Pointer Dereference while unserialize php object to Internet Bug Bounty - 2 upvotes, $0
  616. Heap overflow in curl_escape to Internet Bug Bounty - 2 upvotes, $0
  617. heap-buffer-overflow (write) simplestring_addn simplestring.c to Internet Bug Bounty - 2 upvotes, $0
  618. Stack-based buffer overflow vulnerability in virtual_file_ex to Internet Bug Bounty - 2 upvotes, $0
  619. Heap Overflow Due To Integer Overflow to Internet Bug Bounty - 2 upvotes, $0
  620. Multiple vulnerabilities related to PCRE functions (already fixed) to Internet Bug Bounty - 2 upvotes, $0
  621. Trivial age-old heap overflow in 32-bit PHP to Internet Bug Bounty - 2 upvotes, $0
  622. Misusing of FPU Instruction Could Cause Security Vulnerabilities in Adobe Flash Player to Internet Bug Bounty - 2 upvotes, $0
  623. Ericsson Erlang OTP Core Allocation Subsystem Integer Overflow (All Versions) to Internet Bug Bounty - 2 upvotes, $0
  624. CVE-2017-8798 - miniupnp getHTTPResponse chunked encoding integer signedness error to Internet Bug Bounty - 2 upvotes, $0
  625. The “Malstaller” Attack, global hijacking of any installation process to achieve RCE with elevated privileges, Windows OS (vendor agnostic) to Internet Bug Bounty - 2 upvotes, $0
  626. CVE-2016-3182 OpenJPEG color_esycc_to_rgb Out-of-Bounds Read Vulnerability to Internet Bug Bounty - 2 upvotes, $0
  627. CVE-2016-3183 OpenJPEG sycc422_to_rgb Out-of-Bounds Read Vulnerability to Internet Bug Bounty - 2 upvotes, $0
  628. putty pscp client-side post-auth stack buffer overwrite when processing remote file size to Internet Bug Bounty - 2 upvotes, $0
  629. PHP 7.3.3: Heap-use-after-free (READ of size 8) in match_at() to Internet Bug Bounty - 2 upvotes, $0
  630. Out-of-Bound Read in urldecode() [CVE-2020-7067] to Internet Bug Bounty - 2 upvotes, $0
  631. PHP link() silently truncates after a null byte on Windows to Internet Bug Bounty - 2 upvotes, $0
  632. CVE-2017-13019: The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print() to Internet Bug Bounty - 2 upvotes, $0
  633. Use of uninitialized value in req_parsebody method of lua_request.c to Internet Bug Bounty - 2 upvotes, $0
  634. CVE-2023-28319: UAF in SSH sha256 fingerprint check to Internet Bug Bounty - 2 upvotes, $0
  635. Adobe Flash Player Regular Expression UAF Remote Code Execution Vulnerability to Internet Bug Bounty - 1 upvotes, $5000
  636. Adobe Flash Player TimedEvent.parent Memory Corruption Vulnerability to Internet Bug Bounty - 1 upvotes, $5000
  637. Adobe Flash Player ASnative(101,10) Memory Corruption Vulnerability to Internet Bug Bounty - 1 upvotes, $5000
  638. Wrong Handling of Content-Type allows Flash injection and Rosetta Flash patch bypass to Internet Bug Bounty - 1 upvotes, $3000
  639. Locale::parseLocale Double Free to Internet Bug Bounty - 1 upvotes, $2500
  640. Adobe Flash Player ShimOpportunityGenerator class Memory Corruption Vulnerability to Internet Bug Bounty - 1 upvotes, $2000
  641. Adobe Flash Player ASnative(900,1).call(TextField) Use-After-Free Vulnerability to Internet Bug Bounty - 1 upvotes, $2000
  642. Adobe Flash Player ASnative(900,1).call(MovieClip) Use-After-Free Vulnerability to Internet Bug Bounty - 1 upvotes, $2000
  643. Adobe Flash Player TextField Use-After-Free Vulnerability to Internet Bug Bounty - 1 upvotes, $2000
  644. ZIP Integer Overflow leads to writing past heap boundary to Internet Bug Bounty - 1 upvotes, $1500
  645. PHP yaml_parse/yaml_parse_file/yaml_parse_url Double Free to Internet Bug Bounty - 1 upvotes, $1500
  646. 3 heap corruptions in PHP to Internet Bug Bounty - 1 upvotes, $1500
  647. Stack Buffer Overflow in GD dynamicGetbuf to Internet Bug Bounty - 1 upvotes, $1500
  648. Inadequate error handling in bzread() to Internet Bug Bounty - 1 upvotes, $1500
  649. Buffer Overflow when parsing tar/zip/phar in phar_set_inode to Internet Bug Bounty - 1 upvotes, $1000
  650. Buffer Over-read in unserialize when parsing Phar to Internet Bug Bounty - 1 upvotes, $1000
  651. Python: imageop Unsafe Arithmetic to Internet Bug Bounty - 1 upvotes, $1000
  652. msilib.OpenDatabase Type Confusion to Internet Bug Bounty - 1 upvotes, $1000
  653. Negative size parameter (-1) in memcpy mbfl_strcut to Internet Bug Bounty - 1 upvotes, $1000
  654. Invalid free in phar_extract_file() to Internet Bug Bounty - 1 upvotes, $1000
  655. Use-after-free vulnerability in SPL(SplObjectStorage, unserialize) to Internet Bug Bounty - 1 upvotes, $1000
  656. Use-after-free vulnerability in SPL(ArrayObject, unserialize) to Internet Bug Bounty - 1 upvotes, $1000
  657. PHP yaml_parse/yaml_parse_file/yaml_parse_url Unsafe Deserialization to Internet Bug Bounty - 1 upvotes, $500
  658. Integer overflow in _pickle.c to Internet Bug Bounty - 1 upvotes, $500
  659. memcpy negative size parameter in php_resolve_path to Internet Bug Bounty - 1 upvotes, $500
  660. potential remote code execution with phar archive to Internet Bug Bounty - 1 upvotes, $500
  661. xml_parse_into_struct segmentation fault to Internet Bug Bounty - 1 upvotes, $500
  662. stack-buffer-overflow through "ResourceBundle" methods to Internet Bug Bounty - 1 upvotes, $500
  663. bcpowmod accepts negative scale and corrupts one definition to Internet Bug Bounty - 1 upvotes, $500
  664. get_icu_value_internal out-of-bounds read to Internet Bug Bounty - 1 upvotes, $500
  665. locale_accept_from_http out-of-bounds access to Internet Bug Bounty - 1 upvotes, $500
  666. Illegal write access through Locale methods to Internet Bug Bounty - 1 upvotes, $500
  667. CVE-2015-8874 Stack overflow with imagefilltoborder to Internet Bug Bounty - 1 upvotes, $500
  668. imagegif/output out-of-bounds access to Internet Bug Bounty - 1 upvotes, $500
  669. Integer underflow / arbitrary null write in fread/gzread to Internet Bug Bounty - 1 upvotes, $500
  670. Null pointer deref with ob_start with get_defined_vars to Internet Bug Bounty - 1 upvotes, $500
  671. Null pointer deref with ob_start with compact to Internet Bug Bounty - 1 upvotes, $500
  672. memory corruption while parsing HTTP response to Internet Bug Bounty - 1 upvotes, $500
  673. imagescale out-of-bounds read to Internet Bug Bounty - 1 upvotes, $500
  674. gdImageTrueColorToPaletteBody allows arbitrary write/read access to Internet Bug Bounty - 1 upvotes, $500
  675. wddx_deserialize null dereference to Internet Bug Bounty - 1 upvotes, $500
  676. NULL pointer dereference in SimpleXMLElement::asXML() to Internet Bug Bounty - 1 upvotes, $500
  677. crash in openssl_random_pseudo_bytes function to Internet Bug Bounty - 1 upvotes, $500
  678. missing NULL check in dom_document_save_html to Internet Bug Bounty - 1 upvotes, $500
  679. heap overflow in php_ereg_replace function to Internet Bug Bounty - 1 upvotes, $500
  680. crash in implode() function to Internet Bug Bounty - 1 upvotes, $500
  681. iconv() function missing string length check to Internet Bug Bounty - 1 upvotes, $500
  682. crash in bzcompress function to Internet Bug Bounty - 1 upvotes, $500
  683. crash in get_icu_value_internal function to Internet Bug Bounty - 1 upvotes, $500
  684. crash in locale_get_keywords() when keyword value in locale string too long to Internet Bug Bounty - 1 upvotes, $500
  685. another crash in locale_get_keywords function to Internet Bug Bounty - 1 upvotes, $500
  686. CachingIterator null dereference when convert to string to Internet Bug Bounty - 1 upvotes, $500
  687. Invalid memory access in zend_strtod() function to Internet Bug Bounty - 1 upvotes, $500
  688. crash in simplestring_addn function to Internet Bug Bounty - 1 upvotes, $500
  689. Invalid memory access in spl_filesystem_dir_open function to Internet Bug Bounty - 1 upvotes, $500
  690. Invalid memory access in php_basename function to Internet Bug Bounty - 1 upvotes, $500
  691. Invalid memory access in spl_filesystem_info_set_filename function to Internet Bug Bounty - 1 upvotes, $500
  692. malloc negative size parameter to Internet Bug Bounty - 1 upvotes, $500
  693. gzuncompress does NOT check output string size which leads to an overflow to Internet Bug Bounty - 1 upvotes, $500
  694. gzdecode does NOT check output string size which leads to an overflow to Internet Bug Bounty - 1 upvotes, $500
  695. Missing type check when unserializing SplArray to Internet Bug Bounty - 1 upvotes, $500
  696. integer overflow in xml_utf8_encode to Internet Bug Bounty - 1 upvotes, $500
  697. Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow to Internet Bug Bounty - 1 upvotes, $500
  698. NULL Pointer Dereference at _gdScaleVert to Internet Bug Bounty - 1 upvotes, $500
  699. Integer Overflow in _gd2GetHeader() resulting in heap overflow to Internet Bug Bounty - 1 upvotes, $500
  700. Python vulnerability: reading arbitrary process memory to Internet Bug Bounty - 1 upvotes, $0
  701. integer overflow in 'buffer' type allows reading memory to Internet Bug Bounty - 1 upvotes, $0
  702. LZ4 Core to Internet Bug Bounty - 1 upvotes, $0
  703. SPL ArrayObject/SPLObjectStorage Unserialization Type Confusion Vulnerabilities to Internet Bug Bounty - 1 upvotes, $0
  704. rsync hash collisions may allow an attacker to corrupt or modify files to Internet Bug Bounty - 1 upvotes, $0
  705. PyUnicode_FromFormatV crasher to Internet Bug Bounty - 1 upvotes, $0
  706. Use after free during the StageVideoAvailabilityEvent can result in arbitrary code execution to Internet Bug Bounty - 1 upvotes, $0
  707. Use After Free in Flash MessageChannel.send can cause arbitrary code execution to Internet Bug Bounty - 1 upvotes, $0
  708. SoapClient's __call() type confusion through unserialize() to Internet Bug Bounty - 1 upvotes, $0
  709. Use after free vulnerability in unserialize() to Internet Bug Bounty - 1 upvotes, $0
  710. Integer overflow in ftp_genlist() resulting in heap overflow to Internet Bug Bounty - 1 upvotes, $0
  711. Malformed ECParameters causes infinite loop to Internet Bug Bounty - 1 upvotes, $0
  712. libcurl: URL request injection to Internet Bug Bounty - 1 upvotes, $0
  713. str_repeat() sign mismatch based memory corruption to Internet Bug Bounty - 1 upvotes, $0
  714. Integer overflow in _json_encode_unicode leads to crash to Internet Bug Bounty - 1 upvotes, $0
  715. CVE-2016-0799 memory issues in BIO_*printf functions to Internet Bug Bounty - 1 upvotes, $0
  716. BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption (CVE-2016-0797) to Internet Bug Bounty - 1 upvotes, $0
  717. b2i_PVK_bio heap corruption to Internet Bug Bounty - 1 upvotes, $0
  718. EVP_EncodeUpdate overflow (CVE-2016-2105) to Internet Bug Bounty - 1 upvotes, $0
  719. EBCDIC overread (CVE-2016-2176) to Internet Bug Bounty - 1 upvotes, $0
  720. Potential double free in EVP_DigestInit_ex to Internet Bug Bounty - 1 upvotes, $0
  721. Bleichenbacher oracle in SSLv2 (CVE-2016-0704) to Internet Bug Bounty - 1 upvotes, $0
  722. Additional information for CVE-2016-5699 to Internet Bug Bounty - 1 upvotes, $0
  723. use of uninitialized variables in operator.methodcaller to Internet Bug Bounty - 1 upvotes, $0
  724. Two vulnerabilities in the ssl module to Internet Bug Bounty - 1 upvotes, $0
  725. Py_DECREF on a non-owned object in the _sre module to Internet Bug Bounty - 1 upvotes, $0
  726. integer overflow in binascii.b2a_qp to Internet Bug Bounty - 1 upvotes, $0
  727. EIP control using type confusion in json encoding to Internet Bug Bounty - 1 upvotes, $0
  728. UAF in xmlparser_setevents (1) to Internet Bug Bounty - 1 upvotes, $0
  729. Invalid read when wddx decodes empty boolean element to Internet Bug Bounty - 1 upvotes, $0
  730. Memory corruption in _php_math_number_format_ex() to Internet Bug Bounty - 1 upvotes, $0
  731. Heap overflow due to integer overflow in bzdecompress() function to Internet Bug Bounty - 1 upvotes, $0
  732. Memory corruption due to missing check size in _php_math_number_format_ex() to Internet Bug Bounty - 1 upvotes, $0
  733. Heap overflow due to integer overflow in pg_escape_string() function to Internet Bug Bounty - 1 upvotes, $0
  734. Heap overflow due to integer overflow in php_escape_html_entities_ex() function to Internet Bug Bounty - 1 upvotes, $0
  735. Heap Overflow due to integer overflows to Internet Bug Bounty - 1 upvotes, $0
  736. Stack-based buffer overflow vulnerability in php_stream_zip_opener to Internet Bug Bounty - 1 upvotes, $0
  737. Double Free Corruption in wddx.c (extension) to Internet Bug Bounty - 1 upvotes, $0
  738. _php_mb_regex_ereg_replace_exec - double free to Internet Bug Bounty - 1 upvotes, $0
  739. An integer overflow bug in php_str_to_str_ex() led to arbitrary code execution. to Internet Bug Bounty - 1 upvotes, $0
  740. PHP-FPM fpm_log.c memory leak and buffer overflow to Internet Bug Bounty - 1 upvotes, $0
  741. An integer overflow bug in php_implode() could lead to heap overflow and make PHP crash to Internet Bug Bounty - 1 upvotes, $0
  742. openssl_seal() uninitialized memory usage to Internet Bug Bounty - 1 upvotes, $0
  743. Adobe Flash Player Uninitialised Memory Corruption to Internet Bug Bounty - 1 upvotes, $0
  744. use-after-free vulnerability in Flash Player to Internet Bug Bounty - 1 upvotes, $0
  745. CVE-2017-13090 wget heap smash to Internet Bug Bounty - 1 upvotes, $0
  746. CVE-2017-13089 wget stack smash to Internet Bug Bounty - 1 upvotes, $0
  747. CVE-2016-1924 OpenJPEG opj_tgt_reset Out-of-Bounds Read Vulnerability to Internet Bug Bounty - 1 upvotes, $0
  748. CVE-2016-5157 OpenJPEG opj_dwt_interleave_v Out-of-Bounds Write Vulnerability to Internet Bug Bounty - 1 upvotes, $0
  749. Uninitialized read in gdImageCreateFromXbm to Internet Bug Bounty - 1 upvotes, $0
  750. Uninitialized read in exif_process_IFD_in_MAKERNOTE to Internet Bug Bounty - 1 upvotes, $0
  751. DirectoryIterator class silently truncates after a null byte to Internet Bug Bounty - 1 upvotes, $0
  752. Null Pointer Dereference in PHP Session Upload Progress to Internet Bug Bounty - 1 upvotes, $0
  753. Out-of-bounds Read in php_strip_tags_ex to Internet Bug Bounty - 1 upvotes, $0
  754. CVE-2020-10938-buffer overflow/out-of-bounds write in compress.c:HuffmanDecodeImage() to Internet Bug Bounty - 1 upvotes, $0
  755. Python deque.index() uninitialized memory to Internet Bug Bounty - 0 upvotes, $1000
  756. Buffer over-read in exif_read_data with TIFF IFD tag to Internet Bug Bounty - 0 upvotes, $1000
  757. Uninitialized pointer in phar_make_dirstream to Internet Bug Bounty - 0 upvotes, $1000
  758. libcurl duphandle read out of bounds to Internet Bug Bounty - 0 upvotes, $1000
  759. Dangling pointer in the unserialization of ArrayObject items to Internet Bug Bounty - 0 upvotes, $1000
  760. bytearray.find Buffer Over-read to Internet Bug Bounty - 0 upvotes, $1000
  761. PyFloat_FromString & PyNumber_Long Buffer Over-reads to Internet Bug Bounty - 0 upvotes, $1000
  762. Format string vulnerability in zend_throw_or_error() to Internet Bug Bounty - 0 upvotes, $1000
  763. Use After Free in sortWithSortKeys() to Internet Bug Bounty - 0 upvotes, $1000
  764. Null pointer dereference in phar_get_fp_offset() to Internet Bug Bounty - 0 upvotes, $500
  765. Python 3.3 - 3.5 product_setstate() Out-of-bounds Read to Internet Bug Bounty - 0 upvotes, $500
  766. Python xmlparse_setattro() Type Confusion to Internet Bug Bounty - 0 upvotes, $500
  767. time_strftime() Buffer Over-read to Internet Bug Bounty - 0 upvotes, $500
  768. Python scan_eol() Buffer Over-read to Internet Bug Bounty - 0 upvotes, $500
  769. Mem out-of-bounds write (segfault) in ZEND_ASSIGN_DIV_SPEC_CV_UNUSED_HANDLER to Internet Bug Bounty - 0 upvotes, $500
  770. null pointer deref (segfault) in zend_eval_const_expr to Internet Bug Bounty - 0 upvotes, $500
  771. Null pointer deref (segfault) in spl_autoload via ob_start to Internet Bug Bounty - 0 upvotes, $500
  772. AddressSanitizer reports a global buffer overflow in mkgmtime() function to Internet Bug Bounty - 0 upvotes, $500
  773. Integer overflow in unserialize() (32-bits only) to Internet Bug Bounty - 0 upvotes, $500
  774. heap buffer overflow in enchant_broker_request_dict() to Internet Bug Bounty - 0 upvotes, $500
  775. audioop.lin2adpcm Buffer Over-read to Internet Bug Bounty - 0 upvotes, $500
  776. audioop.adpcm2lin Buffer Over-read to Internet Bug Bounty - 0 upvotes, $500
  777. hotshot pack_string Heap Buffer Overflow to Internet Bug Bounty - 0 upvotes, $500
  778. array.fromstring Use After Free to Internet Bug Bounty - 0 upvotes, $500
  779. use after free in load_newobj_ex to Internet Bug Bounty - 0 upvotes, $500
  780. invalid pointer free() in phar_tar_process_metadata() to Internet Bug Bounty - 0 upvotes, $500
  781. Memory Corruption in phar_parse_tarfile when entry filename starts with null to Internet Bug Bounty - 0 upvotes, $500
  782. Stack overflow when decompressing tar archives to Internet Bug Bounty - 0 upvotes, $500
  783. Integer overflow in _Unpickler_Read to Internet Bug Bounty - 0 upvotes, $0
  784. SOAP serialize_function_call() type confusion / RCE to Internet Bug Bounty - 0 upvotes, $0
  785. curl_setopt_array() type confusion to Internet Bug Bounty - 0 upvotes, $0
  786. Arbitrary code execution in str_ireplace function to Internet Bug Bounty - 0 upvotes, $0
  787. Files extracted from archive may be placed outside of destination directory to Internet Bug Bounty - 0 upvotes, $0
  788. Improved fix for bug #69545 (Integer overflow in ftp_genlist() resulting in heap overflow) to Internet Bug Bounty - 0 upvotes, $0
  789. tokenizer crash when processing undecodable source code to Internet Bug Bounty - 0 upvotes, $0
  790. integer overflow in the _csv module's join_append_data function to Internet Bug Bounty - 0 upvotes, $0
  791. Uninitialized read in exif_process_IFD_in_TIFF to Internet Bug Bounty - 0 upvotes, $0
  792. Use After Free in GC with Certain Destructors to Internet Bug Bounty - 0 upvotes, $0
  793. Use after free vulnerability in phar_parse_zipfile to Internet Bug Bounty - 0 upvotes, $0
  794. PHP built for Windows with TS support does not resolve relative paths with drive letter correctly to Internet Bug Bounty - 0 upvotes, $0