hackerone Summary

Latest vulnerabilities published by hackerone

JSON RSS CSV 🔔 Create Alert Trigger

6 February 2019

Denial of Service Vulnerability in airMAX and EdgeMAX Products by Ubiquiti Networks
CVE-2017-0938
HackeroneAirmax, Edgemax7.5HIGH

1 February 2019

Path Traversal Vulnerability in HTTP Live Simulator by N/A
CVE-2018-16479
HackeroneHttp-live-simulator7.5HIGH
Cross-Site Scripting Issue in Public Module by npm
CVE-2018-16480
HackeronePublic6.1MEDIUM
XSS Vulnerability in html-page by Rishabh Verma
CVE-2018-16481
HackeroneHtml-pages6.1MEDIUM
Server Directory Traversal Vulnerability in mcstatic Module by Node.js
CVE-2018-16482
HackeroneMcstatic7.5HIGH
Access Control Flaw in Express Cart Affects Unprivileged User Privileges
CVE-2018-16483
HackeroneExpress-cart8.8HIGH
Cross-Site Scripting Vulnerability in m-server Module by an Unknown Vendor
CVE-2018-16484
HackeroneM-server5.4MEDIUM
Path Traversal Vulnerability in m-server by Vendor XYZ
CVE-2018-16485
HackeroneM-server6.5MEDIUM
Prototype Pollution Vulnerability in Defaults-Deep Library by NPM
CVE-2018-16486
HackeroneDefaults-deep9.8CRITICAL
Prototype Pollution Vulnerability in Lodash by Lodash
CVE-2018-16487
HackeroneLodash5.6MEDIUM
Prototype Pollution Vulnerability in Just-Extend by Just-Extend
CVE-2018-16489
HackeroneJust-extend9.8CRITICAL
Prototype Pollution Vulnerability in mpath Module by Unknown Vendor
CVE-2018-16490
HackeroneMpath7.5HIGH
Prototype Pollution Vulnerability in Node.extend by NodeJS
CVE-2018-16491
HackeroneNode.extend9.8CRITICAL
Prototype Pollution Vulnerability in 'extend' Module by Vendor
CVE-2018-16492
HackeroneExtend👾🟡9.8CRITICAL
Path Traversal Vulnerability in Static Resource Server by Vendor
CVE-2018-16493
HackeroneStatic-resource-server7.5HIGH

30 October 2018

Prototype Pollution Vulnerability in Merge Package by VisionMedia
CVE-2018-16469
HackeroneMerge7.5HIGH

31 August 2018

Path Traversal Vulnerability in SimpleHTTPServer by SimpleHTTPServer Inc.
CVE-2018-3787
HackeroneSimplehttpserver7.5HIGH

12 August 2018

10 August 2018

Remote Code Execution Vulnerability in ActiveSupport Ruby Gem from Ruby
CVE-2018-3779
HackeroneActive-support Ruby Gem9.8CRITICAL

8 August 2018

Improper Authorization in Aedes MQTT Broker by Node.js
CVE-2018-3778
HackeroneAedes5.3MEDIUM

20 July 2018

26 June 2018

Information Leak Vulnerability in Sprockets by Rails
CVE-2018-3760
HackeroneSprockets👾🟡EPSS 93%7.5HIGH

13 June 2018

Race Condition Vulnerability in private_address_check Ruby Gem by jtdowney
CVE-2018-3759
HackeronePrivate Address Check ...3.7LOW